This repository has been archived by the owner on Nov 1, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 262
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #656 from fluxcd/master
Housekeeping merge release 1.4.3
- Loading branch information
Showing
16 changed files
with
166 additions
and
342 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
FROM alpine:3.13 | ||
FROM alpine:3.15 | ||
|
||
WORKDIR /home/flux | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
HELM3_VERSION=3.6.3 | ||
HELM3_CHECKSUM_amd64=07c100849925623dc1913209cd1a30f0a9b80a5b4d6ff2153c609d11b043e262 | ||
HELM3_CHECKSUM_arm=6918e573a70c309fbf6385a0a0d18d090c10b44d318724f1f73e47ede4809635 | ||
HELM3_CHECKSUM_arm64=6fe647628bc27e7ae77d015da4d5e1c63024f673062ac7bc11453ccc55657713 | ||
HELM3_VERSION=3.9.2 | ||
HELM3_CHECKSUM_amd64=3f5be38068a1829670440ccf00b3b6656fd90d0d9cfd4367539f3b13e4c20531 | ||
HELM3_CHECKSUM_arm=fb9f0c1c9475c66c2b3579b908c181d519761bbfae963ffac860bc683a2253de | ||
HELM3_CHECKSUM_arm64=e4e2f9aad786042d903534e3131bc5300d245c24bbadf64fc46cca1728051dbc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
KUBECTL_VERSION=v1.15.7 | ||
KUBECTL_CHECKSUM_amd64=d815361bdb3a9e8032b8c5c1e0da81d7dd7645cdb0fef6699cab6b379bee59a522a02d361f353f261734bbcd698250135763368b43225f28c7a240bc0e244ef2 | ||
KUBECTL_CHECKSUM_arm=6911ad6f772ec7a702399eb2830c11cead2dec9dd39f10fc544a0c1f13b704cb7d17e41964761dcebcf04c0badf46af4111ebfc399aeef65e117081d4d86713b | ||
KUBECTL_CHECKSUM_arm64=82c82040a21d450f487db5e9afc6b4acf7711c6f1a2ac55386f16320f276f4d9c6f0eb0cb5abfcd84b7eb3bef29b4fedaabd34406ebe51ffadd7a2e623d94170 | ||
KUBECTL_VERSION=v1.21.14 | ||
KUBECTL_CHECKSUM_amd64=52a98cc64abeea4187391cbf0ad5bdd69b6920c2b29b8f9afad194441e642fb8f252e14a91c095ef1e85a23e5bb587916bd319566b6e8d1e03be5505400f44b4 | ||
KUBECTL_CHECKSUM_arm=fb204c3494bb7acf59ea0dc2b6f94c5a7d2b7e6d69c05b7a7e77b3fc438e574e9ac5f8720a4ae8f2f660822262aa8c4723bfe269c49ed641031f8259210e5b48 | ||
KUBECTL_CHECKSUM_arm64=ed613592035b45c4f4571eed2b739c837def4287aacc7c37665e596484aa6dbd299224ef12ec329cfa8a655e20b6bee6f6fc3204bc79b92d832171073ddde191 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,9 @@ | ||
module github.com/fluxcd/helm-operator | ||
|
||
go 1.14 | ||
go 1.16 | ||
|
||
require ( | ||
github.com/bitly/go-simplejson v0.5.0 // indirect | ||
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect | ||
github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d // indirect | ||
github.com/bshuster-repo/logrus-logstash-hook v1.0.2 // indirect | ||
github.com/bugsnag/panicwrap v1.2.0 // indirect | ||
github.com/docker/go-metrics v0.0.1 // indirect | ||
|
@@ -15,30 +14,31 @@ require ( | |
github.com/garyburd/redigo v1.6.0 // indirect | ||
github.com/go-kit/kit v0.10.0 | ||
github.com/gofrs/uuid v3.2.0+incompatible // indirect | ||
github.com/golang/protobuf v1.5.0 | ||
github.com/google/go-cmp v0.5.5 | ||
github.com/golang/protobuf v1.5.2 | ||
github.com/google/go-cmp v0.5.6 | ||
github.com/gorilla/mux v1.7.3 | ||
github.com/helm/helm-2to3 v0.8.2 | ||
github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0 // indirect | ||
github.com/mattn/go-colorable v0.1.6 // indirect | ||
github.com/ncabatoff/go-seq v0.0.0-20180805175032-b08ef85ed833 | ||
github.com/pkg/errors v0.9.1 | ||
github.com/prometheus/client_golang v1.7.1 | ||
github.com/prometheus/client_golang v1.11.1 | ||
github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd | ||
github.com/spf13/pflag v1.0.5 | ||
github.com/stretchr/testify v1.7.0 | ||
github.com/yvasiyarov/go-metrics v0.0.0-20150112132944-c25f46c4b940 // indirect | ||
github.com/yvasiyarov/newrelic_platform_go v0.0.0-20160601141957-9c099fbc30e9 // indirect | ||
google.golang.org/grpc v1.27.1 | ||
google.golang.org/grpc v1.43.0 | ||
helm.sh/helm/v3 v3.6.3 | ||
k8s.io/api v0.21.7 | ||
k8s.io/apiextensions-apiserver v0.21.7 | ||
k8s.io/apimachinery v0.21.7 | ||
k8s.io/cli-runtime v0.21.7 | ||
k8s.io/api v0.22.5 | ||
k8s.io/apiextensions-apiserver v0.21.14 | ||
k8s.io/apimachinery v0.22.5 | ||
k8s.io/cli-runtime v0.21.14 | ||
k8s.io/client-go v11.0.0+incompatible | ||
k8s.io/helm v2.17.0+incompatible | ||
k8s.io/klog v1.0.0 | ||
k8s.io/kubectl v0.21.7 | ||
k8s.io/utils v0.0.0-20210521133846-da695404a2bc | ||
k8s.io/kubectl v0.21.14 | ||
k8s.io/utils v0.0.0-20211116205334-6203023598ed | ||
sigs.k8s.io/yaml v1.2.0 | ||
) | ||
|
||
|
@@ -47,7 +47,8 @@ replace github.com/fluxcd/helm-operator/pkg/install => ./pkg/install | |
|
||
// Transitive requirement from Helm: https://github.com/helm/helm/blob/v3.5.2/go.mod#L52-L53 | ||
replace ( | ||
github.com/docker/distribution => github.com/docker/distribution v2.7.0-rc.0+incompatible | ||
// Mitigating CVE-2017-11468 and GHSA-qq97-vm5h-rrhg | ||
github.com/docker/distribution => github.com/docker/distribution v2.8.1+incompatible | ||
|
||
github.com/docker/docker => github.com/moby/moby v17.12.0-ce-rc1.0.20200618181300-9dc6525e6118+incompatible | ||
) | ||
|
@@ -58,12 +59,6 @@ replace ( | |
github.com/fluxcd/flux/pkg/install => github.com/fluxcd/flux/pkg/install v0.0.0-20200206191601-8b676b003ab0 | ||
) | ||
|
||
// Force upgrade because of a transitive downgrade. | ||
// github.com/fluxcd/helm-operator | ||
// +-> github.com/fluxcd/[email protected] | ||
// +-> k8s.io/[email protected]+incompatible | ||
replace k8s.io/client-go => k8s.io/client-go v0.21.7 | ||
|
||
// Force upgrade because of a transitive downgrade. | ||
// github.com/fluxcd/flux | ||
// +-> github.com/fluxcd/[email protected] | ||
|
@@ -74,18 +69,41 @@ replace ( | |
k8s.io/helm => k8s.io/helm v2.17.0+incompatible | ||
) | ||
|
||
// Pin specific runc following example of source-controller upstream: | ||
// https://github.com/fluxcd/source-controller/blob/59dc602b2d0a5b0d4625a4a848303fa2d2117e84/go.mod#L62-L77 | ||
// github.com/fluxcd/helm-operator | ||
// +-> helm.sh/helm/[email protected] | ||
// +-> github.com/opencontainers/[email protected] | ||
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.0.2 | ||
// Mitigating: | ||
// CVE-2019-16884, CVE-2019-19921, CVE-2022-24769, | ||
// CVE-2022-29162, CVE-2021-30465 and CVE-2016-9962. | ||
replace github.com/opencontainers/runc => github.com/opencontainers/runc v1.1.2 | ||
|
||
// Mitigating: GHSA-5j5w-g665-5m35 | ||
replace github.com/containerd/containerd => github.com/containerd/containerd v1.4.12 | ||
// Mitigating: GHSA-crp2-qrr5-8pq7 | ||
replace github.com/containerd/containerd => github.com/containerd/containerd v1.4.13 | ||
|
||
// Mitigating: GHSA-77vh-xpmg-72qh | ||
replace github.com/opencontainers/image-spec => github.com/opencontainers/image-spec v1.0.2 | ||
|
||
// Mitigating: CVE-2021-41092 | ||
replace github.com/docker/cli => github.com/docker/cli v20.10.9+incompatible | ||
|
||
// Mitigating: CVE-2022-21235 | ||
replace github.com/Masterminds/vcs => github.com/Masterminds/vcs v1.13.3 | ||
|
||
replace github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.7.1 | ||
|
||
// Pin kubernetes dependencies to 1.21.* | ||
replace ( | ||
k8s.io/api => k8s.io/api v0.21.14 | ||
k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.21.14 | ||
k8s.io/apimachinery => k8s.io/apimachinery v0.21.14 | ||
k8s.io/cli-runtime => k8s.io/cli-runtime v0.21.14 | ||
k8s.io/client-go => k8s.io/client-go v0.21.14 | ||
k8s.io/code-generator => k8s.io/code-generator v0.21.14 | ||
k8s.io/kubectl => k8s.io/kubectl v0.21.14 | ||
) | ||
|
||
// Mitigating: CVE-2021-38561 | ||
replace golang.org/x/text => golang.org/x/text v0.3.7 | ||
|
||
// Mitigating: CVE-2022-29526 | ||
replace golang.org/x/sys => golang.org/x/sys v0.0.0-20220412211240-33da011f77ad | ||
|
||
// Mitigating: CVE-2022-27191 | ||
replace golang.org/x/crypto => golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b |
Oops, something went wrong.