1.1.3 image is old and based on out of support golang:1.18

hashicorp / terraform-k8s

Terraform Cloud Operator for Kubernetes

https://learn.hashicorp.com/tutorials/terraform/kubernetes-operator?in=terraform/kubernetes

Mozilla Public License 2.0

454 stars 71 forks source link

1.1.3 image is old and based on out of support golang:1.18 #172

Open dragos-cojocari opened 8 months ago

dragos-cojocari commented 8 months ago

The latest image version, 1.1.3 is more than 1 year old and has several high and critical vulnerabilities. Some of these originate from the image being built on golang:1.18 Is there anything blocking the use of a newer golang version, ideally golang:1.21?

dragos-cojocari commented 8 months ago

The go dependencies also need updating since some of the security vulnerabilities originate from them.

dragos-cojocari commented 7 months ago

Any updates on this?