From a1d7e51f8f2d2cb16fb7069dc78f05dd38918b10 Mon Sep 17 00:00:00 2001 From: Aikawa Date: Sun, 31 Jul 2022 21:19:47 +0900 Subject: [PATCH] chore(argo-cd): update redis to 7.0.4 for avoiding CVE-2022-30065 (#1387) Signed-off-by: yu-croco --- charts/argo-cd/Chart.yaml | 4 ++-- charts/argo-cd/README.md | 4 ++-- charts/argo-cd/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/argo-cd/Chart.yaml b/charts/argo-cd/Chart.yaml index f5892468..ae2fe8e6 100644 --- a/charts/argo-cd/Chart.yaml +++ b/charts/argo-cd/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: v2.4.7 description: A Helm chart for Argo CD, a declarative, GitOps continuous delivery tool for Kubernetes. name: argo-cd -version: 4.10.2 +version: 4.10.3 home: https://github.com/argoproj/argo-helm icon: https://argo-cd.readthedocs.io/en/stable/assets/logo.png keywords: @@ -21,4 +21,4 @@ dependencies: condition: redis-ha.enabled annotations: artifacthub.io/changes: | - - "[Fixed]: Drop all `~` keys from redis-ha because they cause error on kustomize and cannot document via helm-docs" + - "[Changed]: update redis to 7.0.4 for avoiding CVE-2022-30065" diff --git a/charts/argo-cd/README.md b/charts/argo-cd/README.md index e563d053..d9dbb7cc 100644 --- a/charts/argo-cd/README.md +++ b/charts/argo-cd/README.md @@ -640,7 +640,7 @@ NAME: my-release | redis.extraContainers | list | `[]` | Additional containers to be added to the redis pod | | redis.image.imagePullPolicy | string | `"IfNotPresent"` | Redis imagePullPolicy | | redis.image.repository | string | `"public.ecr.aws/docker/library/redis"` | Redis repository | -| redis.image.tag | string | `"7.0.0-alpine"` | Redis tag | +| redis.image.tag | string | `"7.0.4-alpine"` | Redis tag | | redis.imagePullSecrets | list | `[]` | Secrets with credentials to pull images from a private registry | | redis.initContainers | list | `[]` | Init containers to add to the redis pod | | redis.metrics.containerPort | int | `9121` | Port to use for redis-exporter sidecar | @@ -698,7 +698,7 @@ The main options are listed here: | redis-ha.exporter.enabled | bool | `true` | If `true`, the prometheus exporter sidecar is enabled | | redis-ha.haproxy.enabled | bool | `true` | Enabled HAProxy LoadBalancing/Proxy | | redis-ha.haproxy.metrics.enabled | bool | `true` | HAProxy enable prometheus metric scraping | -| redis-ha.image.tag | string | `"7.0.0-alpine"` | Redis tag | +| redis-ha.image.tag | string | `"7.0.4-alpine"` | Redis tag | | redis-ha.persistentVolume.enabled | bool | `false` | Configures persistency on Redis nodes | | redis-ha.redis.config | object | See [values.yaml] | Any valid redis config options in this section will be applied to each server (see `redis-ha` chart) | | redis-ha.redis.config.save | string | `'""'` | Will save the DB if both the given number of seconds and the given number of write operations against the DB occurred. `""` is disabled | diff --git a/charts/argo-cd/values.yaml b/charts/argo-cd/values.yaml index 67ed8e5b..dfe758a1 100755 --- a/charts/argo-cd/values.yaml +++ b/charts/argo-cd/values.yaml @@ -595,7 +595,7 @@ redis: # -- Redis repository repository: public.ecr.aws/docker/library/redis # -- Redis tag - tag: 7.0.0-alpine + tag: 7.0.4-alpine # -- Redis imagePullPolicy imagePullPolicy: IfNotPresent @@ -804,7 +804,7 @@ redis-ha: enabled: true image: # -- Redis tag - tag: 7.0.0-alpine + tag: 7.0.4-alpine ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/ topologySpreadConstraints: