Merge branch 'main' into renovate/komoplane-0.x

.github/workflows/trivy-scan-table.yaml

@@ -145,12 +145,13 @@ jobs:
           git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
           git pull
           echo "remove old reports. ids from removed images are: "
-          cat platform-apps/charts/image-list-removed.json | jq '.[].id'
+          cat platform-apps/charts/image-list-removed.json | jq -r '.[].id'
 
           # use find to remove files
           # because it does not fail when no files exist
-          for id in $( cat platform-apps/charts/image-list-removed.json | jq '.[].id' ) ; do
-            find trivy-reports/ -type f -name 'report-${id}.md' -delete
+          for id in $( cat platform-apps/charts/image-list-removed.json | jq -r '.[].id' ) ; do
+            echo "delete file trivy-reports/report-${id}.md"
+            rm -f trivy-reports/report-${id}.md
           done
 
           # delete file again so it will not get committed

platform-apps/charts/grafana/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: grafana
   repository: https://grafana.github.io/helm-charts
-  version: 8.8.4
-digest: sha256:e732fd6aaf2050a0d32b34181a9fd164a06810994967504bc72ce72fe47919c0
-generated: "2025-01-20T21:06:12.705840407Z"
+  version: 8.8.5
+digest: sha256:7d00311864444cf6aad7ba331ac4bafd669c85bfb77d5ee032ad812046d0dd3c
+generated: "2025-01-22T20:05:21.336149481Z"

platform-apps/charts/grafana/Chart.yaml

@@ -26,5 +26,5 @@ appVersion: "1.0.0"
 dependencies:
   - name: grafana
     alias: grafana
-    version: 8.8.4
+    version: 8.8.5
     repository: https://grafana.github.io/helm-charts

platform-apps/charts/image-list.json

@@ -371,13 +371,13 @@
   },
   {
     "chart": "mimir",
-    "image": "grafana/mimir:2.14.0",
-    "id": "mimir_mimir_2.14.0"
+    "image": "grafana/mimir:2.15.0",
+    "id": "mimir_mimir_2.15.0"
   },
   {
     "chart": "mimir",
-    "image": "grafana/rollout-operator:v0.19.1",
-    "id": "mimir_rollout-operator_v0.19.1"
+    "image": "grafana/rollout-operator:v0.21.0",
+    "id": "mimir_rollout-operator_v0.21.0"
   },
   {
     "chart": "mimir",

platform-apps/charts/image-list.md

@@ -94,8 +94,8 @@
 * quay.io/minio/minio:RELEASE.2024-04-18T19-09-19Z
 ## mimir
 * docker.io/nginxinc/nginx-unprivileged:1.27-alpine
-* grafana/mimir:2.14.0
-* grafana/rollout-operator:v0.19.1
+* grafana/mimir:2.15.0
+* grafana/rollout-operator:v0.21.0
 * quay.io/minio/mc:RELEASE.2024-04-18T16-45-29Z
 * quay.io/minio/minio:RELEASE.2024-04-18T19-09-19Z
 ## minio

platform-apps/charts/mimir/Chart.lock

@@ -1,6 +1,6 @@
 dependencies:
 - name: mimir-distributed
   repository: https://grafana.github.io/helm-charts
-  version: 5.5.1
-digest: sha256:80db4c1bde9a89b55015b84cb67d73b7c657c68d0c7bb0d357e59fe9c0d59aa0
-generated: "2024-10-21T18:46:53.456348289Z"
+  version: 5.6.0
+digest: sha256:24735b1cac55d71414d74b5c9105f20e7c398b035aef921266363ff7d7e86191
+generated: "2025-01-21T01:19:20.058907107Z"

platform-apps/charts/mimir/Chart.yaml

@@ -26,6 +26,6 @@ appVersion: "1.0.0"
 dependencies:
   - name: mimir-distributed
     alias: mimir
-    version: 5.5.1
+    version: 5.6.0
     repository: https://grafana.github.io/helm-charts
 

trivy-reports/report-mimir_mimir_2.15.0.md

@@ -0,0 +1,7 @@
+
+<h3>Target <code>grafana/mimir:2.15.0 (debian 12.8)</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code>bin/mimir</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>

trivy-reports/report-mimir_rollout-operator_v0.19.1.md → trivy-reports/report-mimir_rollout-operator_v0.21.0.md

@@ -1,9 +1,9 @@
 
-<h3>Target <code>grafana/rollout-operator:v0.19.1 (debian 12.6)</code></h3>
+<h3>Target <code>grafana/rollout-operator:v0.21.0 (debian 12.8)</code></h3>
 <h4>No Vulnerabilities found</h4>
 <h4>No Misconfigurations found</h4>
 <h3>Target <code>bin/rollout-operator</code></h3>
-<h4>Vulnerabilities (2)</h4>
+<h4>Vulnerabilities (1)</h4>
 <table>
     <tr>
         <th>Package</th>
@@ -16,15 +16,8 @@
         <td><code>golang.org/x/net</code></td>
         <td>CVE-2024-45338</td>
         <td>HIGH</td>
-        <td>v0.26.0</td>
+        <td>v0.28.0</td>
         <td>0.33.0</td>
     </tr>
-    <tr>
-        <td><code>stdlib</code></td>
-        <td>CVE-2024-34156</td>
-        <td>HIGH</td>
-        <td>v1.23.0</td>
-        <td>1.22.7, 1.23.1</td>
-    </tr>
 </table>
 <h4>No Misconfigurations found</h4>

trivy-reports/report-velero_kubectl_1.32.md

@@ -0,0 +1,51 @@
+
+<h3>Target <code>docker.io/bitnami/kubectl:1.32 (debian 12.9)</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code></code></h3>
+<h4>Vulnerabilities (1)</h4>
+<table>
+    <tr>
+        <th>Package</th>
+        <th>ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+    </tr>
+    <tr>
+        <td><code>golang.org/x/net</code></td>
+        <td>CVE-2024-45338</td>
+        <td>HIGH</td>
+        <td>v0.30.0</td>
+        <td>0.33.0</td>
+    </tr>
+</table>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code>opt/bitnami/common</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code>opt/bitnami/common/bin/yq</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code>opt/bitnami/kubectl</code></h3>
+<h4>No Vulnerabilities found</h4>
+<h4>No Misconfigurations found</h4>
+<h3>Target <code>opt/bitnami/kubectl/bin/kubectl</code></h3>
+<h4>Vulnerabilities (1)</h4>
+<table>
+    <tr>
+        <th>Package</th>
+        <th>ID</th>
+        <th>Severity</th>
+        <th>Installed Version</th>
+        <th>Fixed Version</th>
+    </tr>
+    <tr>
+        <td><code>golang.org/x/net</code></td>
+        <td>CVE-2024-45338</td>
+        <td>HIGH</td>
+        <td>v0.30.0</td>
+        <td>0.33.0</td>
+    </tr>
+</table>
+<h4>No Misconfigurations found</h4>