search

puppetlabs / puppetserver-helm-chart

The Helm Chart for Puppet Server
Apache License 2.0
47 stars 55 forks source link

Fix: Update cURL container to address CVE-2023-38545 & CVE-2023-38546 #218

Closed j0sh3rs closed 3 months ago

j0sh3rs commented 3 months ago

This PR updates the version of curl to the latest stable release, and thereby addresses CVE-2023-38545 & CVE-2023-38546. This is a safe change given the usage of curl within the chart, and will mitigate any potential container vulnerability scanner findings by deploying this chart in enterprise environments.

j0sh3rs commented 3 months ago

Ah, of course. I thought I saw the github actions would do that, but happy to!

j0sh3rs commented 3 months ago 
$ helm unittest . -u
WARNING: Kubernetes configuration file is group-readable. This is insecure. Location: /etc/rancher/k3s/k3s.yaml
WARNING: Kubernetes configuration file is world-readable. This is insecure. Location: /etc/rancher/k3s/k3s.yaml

### Chart [ puppetserver ] .

 PASS  test jmx serviceMonitor creation tests/jmx-servicemonitor_test.yaml
 PASS  test puppet puppet volume creation       tests/puppetdb-pvc_test.yaml
 PASS  test puppetdb serviceMonitor creation    tests/puppetdb-servicemonitor_test.yaml
 PASS  test puppetdb networkpolicy creation     tests/puppetdb.networkpolicy_test.yaml
 PASS  test puppet ca volume creation   tests/puppetserver-ca-pvc_test.yaml
 PASS  test puppet code volume creation tests/puppetserver-code-pvc_test.yaml
 PASS  test puppetserver compilers statefulset creation tests/puppetserver-compilers.deployment_test.yaml
 PASS  test puppetserver (compilers) networkpolicy creation     tests/puppetserver-compilers.networkpolicy_test.yaml
 PASS  test puppetserver compilers podDisruptionBudget creation tests/puppetserver-compilers.pdb_test.yaml
 PASS  test puppetserver compilers statefulset creation tests/puppetserver-compilers.statefulset_test.yaml
 PASS  test puppet data volume creation tests/puppetserver-data-pvc_test.yaml
 PASS  test puppetserver (masters) networkpolicy creation       tests/puppetserver-masters.networkpolicy_test.yaml
 PASS  test puppetserver master podDisruptionBudget creation    tests/puppetserver-masters.pdb_test.yaml
 PASS  test puppet puppet volume creation       tests/puppetserver-pvc_test.yaml

Charts:      1 passed, 1 total
Test Suites: 14 passed, 14 total
Tests:       71 passed, 71 total
Snapshot:    12 passed, 12 total
Time:        547.567719ms