From 63a5ad4d89c5fc07d934e964e7e4a1f5768723c9 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Sun, 19 Jan 2025 09:36:32 +0000
Subject: [PATCH 1/3] fix(deps): update helm release k8s-monitoring to v1.6.21
---
 platform-apps/charts/k8s-monitoring/Chart.lock | 6 +++---
 platform-apps/charts/k8s-monitoring/Chart.yaml | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/platform-apps/charts/k8s-monitoring/Chart.lock b/platform-apps/charts/k8s-monitoring/Chart.lock
index f0b8e8b4..ca653b25 100644
--- a/platform-apps/charts/k8s-monitoring/Chart.lock
+++ b/platform-apps/charts/k8s-monitoring/Chart.lock
@@ -1,6 +1,6 @@
 dependencies:
 - name: k8s-monitoring
 repository: https://grafana.github.io/helm-charts
- version: 1.6.19
-digest: sha256:e34e97e77c59b0bb43d06625f49f5f8d0d26825a4f349fee4eb008aa75196533
-generated: "2025-01-14T00:56:56.221123154Z"
+ version: 1.6.21
+digest: sha256:72ff25742e97d17f8c5588b986045717fe0ae374356228776ab7f2a5e1fb1e87
+generated: "2025-01-19T09:36:24.827327485Z"
diff --git a/platform-apps/charts/k8s-monitoring/Chart.yaml b/platform-apps/charts/k8s-monitoring/Chart.yaml
index c3f753e3..b5f85d2b 100644
--- a/platform-apps/charts/k8s-monitoring/Chart.yaml
+++ b/platform-apps/charts/k8s-monitoring/Chart.yaml
@@ -26,5 +26,5 @@ appVersion: "1.0.0"
 dependencies:
 - name: k8s-monitoring
 alias: k8s-monitoring
- version: 1.6.19
+ version: 1.6.21
 repository: https://grafana.github.io/helm-charts
From d1134f2bd1803b792c79798a05ddf36250408b16 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 20 Jan 2025 19:18:24 +0000
Subject: [PATCH 2/3] updated container image list
---
 platform-apps/charts/image-list.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/platform-apps/charts/image-list.md b/platform-apps/charts/image-list.md
index 814fdfdb..ede4f570 100644
--- a/platform-apps/charts/image-list.md
+++ b/platform-apps/charts/image-list.md
@@ -45,7 +45,7 @@
 * registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.0@sha256:aaafd456bda110628b2d4ca6296f38731a3aaf0bf7581efae824a41c770a8fc4
 ## k8s-monitoring
 * docker.io/grafana/alloy:v1.5.1
-* ghcr.io/grafana/k8s-monitoring-test:1.6.19
+* ghcr.io/grafana/k8s-monitoring-test:1.6.21
 * ghcr.io/jimmidyson/configmap-reload:v0.12.0
 * quay.io/prometheus/node-exporter:v1.8.2
 * registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.14.0
From 1a2012c2534b286148588cd4b6a31d55acbb51c8 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 20 Jan 2025 19:22:07 +0000
Subject: [PATCH 3/3] updated trivy scan results
---
 .../report-backstage_sx-backstage_v1.32.5.md | 128 +++++++++++++++++-
 ...-monitoring_k8s-monitoring-test_1.6.21.md} | 0
 trivy-reports/report-kargo_kargo_v1.1.2.md | 73 ----------
 trivy-reports/report-kargo_kargo_v1.2.0.md | 36 +++++
 4 files changed, 163 insertions(+), 74 deletions(-)
 rename trivy-reports/{report-k8s-monitoring_k8s-monitoring-test_1.6.19.md => report-k8s-monitoring_k8s-monitoring-test_1.6.21.md} (100%)
 delete mode 100644 trivy-reports/report-kargo_kargo_v1.1.2.md
 create mode 100644 trivy-reports/report-kargo_kargo_v1.2.0.md
diff --git a/trivy-reports/report-backstage_sx-backstage_v1.32.5.md b/trivy-reports/report-backstage_sx-backstage_v1.32.5.md
index 65e666c0..900a785f 100644
--- a/trivy-reports/report-backstage_sx-backstage_v1.32.5.md
+++ b/trivy-reports/report-backstage_sx-backstage_v1.32.5.md
@@ -1,6 +1,6 @@

Target ghcr.io/suxess-it/sx-backstage:v1.32.5 (debian 12.7)

-

Vulnerabilities (156)

+

Vulnerabilities (174)

@@ -891,6 +891,27 @@ + + + + + + + + + + + + + + + + + + + + + @@ -898,6 +919,13 @@ + + + + + + + @@ -912,6 +940,76 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -933,6 +1031,34 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/trivy-reports/report-k8s-monitoring_k8s-monitoring-test_1.6.19.md b/trivy-reports/report-k8s-monitoring_k8s-monitoring-test_1.6.21.md similarity index 100% rename from trivy-reports/report-k8s-monitoring_k8s-monitoring-test_1.6.19.md rename to trivy-reports/report-k8s-monitoring_k8s-monitoring-test_1.6.21.md diff --git a/trivy-reports/report-kargo_kargo_v1.1.2.md b/trivy-reports/report-kargo_kargo_v1.1.2.md deleted file mode 100644 index bcb087e0..00000000 --- a/trivy-reports/report-kargo_kargo_v1.1.2.md +++ /dev/null @@ -1,73 +0,0 @@ - -

Target ghcr.io/akuity/kargo:v1.1.2 (wolfi 20230201)

-

No Vulnerabilities found

-

No Misconfigurations found

-

Target usr/local/bin/credential-helper

-

No Vulnerabilities found

-

No Misconfigurations found

-

Target usr/local/bin/grpc_health_probe

-

Vulnerabilities (2)

-
Package6.1.112-1 6.1.123-1
linux-libc-devCVE-2024-53165HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-53171HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-53173HIGH6.1.112-16.1.123-1
linux-libc-dev CVE-2024-532066.1.112-1 6.1.123-1
linux-libc-devCVE-2024-53208HIGH6.1.112-16.1.123-1
linux-libc-dev CVE-2024-532136.1.112-1 6.1.123-1
linux-libc-devCVE-2024-53237HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56581HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56595HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56596HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56598HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56600HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56601HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56602HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56603HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56604HIGH6.1.112-16.1.123-1
linux-libc-dev CVE-2024-566056.1.112-1 6.1.123-1
linux-libc-devCVE-2024-56615HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56626HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56627HIGH6.1.112-16.1.123-1
linux-libc-devCVE-2024-56640HIGH6.1.112-16.1.123-1
linux-libc-dev CVE-2024-56642
- - - - - - - - - - - - - - - - - - - - - -
PackageIDSeverityInstalled VersionFixed Version
golang.org/x/cryptoCVE-2024-45337CRITICALv0.26.00.31.0
golang.org/x/netCVE-2024-45338HIGHv0.28.00.33.0
-

No Misconfigurations found

-

Target usr/local/bin/kargo

-

Vulnerabilities (4)

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PackageIDSeverityInstalled VersionFixed Version
github.com/go-git/go-git/v5CVE-2025-21613CRITICALv5.12.05.13.0
github.com/go-git/go-git/v5CVE-2025-21614HIGHv5.12.05.13.0
golang.org/x/cryptoCVE-2024-45337CRITICALv0.29.00.31.0
golang.org/x/netCVE-2024-45338HIGHv0.31.00.33.0
-

No Misconfigurations found

diff --git a/trivy-reports/report-kargo_kargo_v1.2.0.md b/trivy-reports/report-kargo_kargo_v1.2.0.md
new file mode 100644
index 00000000..d6c2bbb5
--- /dev/null
+++ b/trivy-reports/report-kargo_kargo_v1.2.0.md
@@ -0,0 +1,36 @@
+

Target ghcr.io/akuity/kargo:v1.2.0 (wolfi 20230201)

+

No Vulnerabilities found

+

No Misconfigurations found

+

Target usr/local/bin/credential-helper

+

No Vulnerabilities found

+

No Misconfigurations found

+

Target usr/local/bin/grpc_health_probe

+

Vulnerabilities (2)

+ + + + + + + + + + + + + + + + + + + + + + +
PackageIDSeverityInstalled VersionFixed Version
golang.org/x/cryptoCVE-2024-45337CRITICALv0.26.00.31.0
golang.org/x/netCVE-2024-45338HIGHv0.28.00.33.0
+

No Misconfigurations found

+

Target usr/local/bin/kargo

+

No Vulnerabilities found

+

No Misconfigurations found