search

kubernetes-client / java

Official Java client library for kubernetes
http://kubernetes.io/
Apache License 2.0
3.55k stars 1.89k forks source link

crd-model-gen:v1.0.6 hasn't been updated in three years #3712

Open misterikkit opened 2 days ago

misterikkit commented 2 days ago

Describe the bug The container ghcr.io/kubernetes-client/java/crd-model-gen:v1.0.6 is 3 years old and makes use of a similarly aged KiND version, v0.11.1. Some security tools are flagging these old files as vulnerable. e.g.

$ docker run --rm -it --entrypoint kind ghcr.io/kubernetes-client/java/crd-model-gen:v1.0.6 version
kind v0.11.1 go1.16.4 linux/amd64

Continuing to use this for java codegen may become impossible in environments where I cannot control what security scans run or their strictness.

brendandburns commented 1 day ago

You can always regenerate the image as needed using the script here: https://github.com/kubernetes-client/java/blob/master/scripts/publish-crd-model-gen-image.sh

and the Dockerfile here: https://github.com/kubernetes-client/java/blob/master/client-java-contrib/Dockerfile

We'd welcome a PR updating the version of kind that is used.

Most people don't need to use this script unless they are generating their own CRD code.