This project contains Terraform scripts to provision cloud infrastructure resources, when using vSphere, and Ansible to apply the needed elements of a Kubernetes cluster that are required to deploy SAS Viya platform product offerings.
Apache License 2.0
23
stars
15
forks
source link
feat: (IAC-1193) Update Dependencies to Resolve Security Issues #92
Updates 3rd party dependencies in this project to resolve security findings from our scanning tool. Consumers of the Dockerfile will automatically have these updated dependencies installed, and users who directly run this project on this host will need to update the dependencies themselves.
Update summary:
ansible 8.0.0 -> 8.6.0
Not a major change, while the bundled collections are updated, ansible-core goes from 2.15.0 -> 2.15.6
helm 3.12.0 -> 3.13.2
terraform 1.4.5 -> 1.6.3
kubectl 1.26.7 -> 1.26.10
hashicorp/vsphere & hashicorp/local are now pinned rather than being a version range.
Note: Although the versions have been bumped up, there are no breaking changes. A user could still use the same 3rd party dependencies from viya4-iac-k8s:3.5.0 and not run into any issues. We will still advise users to update versions in our release notes.
Tests
Scenario
Provider
K8s Version
Order
Cadence
Notes
1
OSS
v1.26.7
**
fast:2020
2
OSS
v1.26.7
n/a
n/a
downgraded the ansible collection version and terraform version to check compatibility
Changes
Updates 3rd party dependencies in this project to resolve security findings from our scanning tool. Consumers of the Dockerfile will automatically have these updated dependencies installed, and users who directly run this project on this host will need to update the dependencies themselves.
Update summary:
ansible
8.0.0 -> 8.6.0ansible-core
goes from 2.15.0 -> 2.15.6helm
3.12.0 -> 3.13.2terraform
1.4.5 -> 1.6.3kubectl
1.26.7 -> 1.26.10hashicorp/vsphere
&hashicorp/local
are now pinned rather than being a version range.Note: Although the versions have been bumped up, there are no breaking changes. A user could still use the same 3rd party dependencies from
viya4-iac-k8s:3.5.0
and not run into any issues. We will still advise users to update versions in our release notes.Tests