sprint production release 2022.06.20

[harshad16]

Hello, Thoth-station!

This Issue would be used for the current sprint cycle production release. By the end of the sprint cycle, we will consolidate the information of thoth-station components features upgrade and fixes in this issue.

/kind documentation /area release-eng /triage accepted /priority important-soon

[fridex]

Allow certain CVEs to be present in the application

Users of Thoth can now configure selectively which CVEs can be present in the application. It is possible to select which CVEs can be present in the application by enumerating them in the .thoth.yaml configuration file in labels section (comma separated listing):

labels:
  allow-cve: PYSEC-2014-10,PYSEC-2014-22,PYSEC-2014-23

Another option is to pass labels configuration to Thamos CLI:

thamos advise --labels allow-cve=PYSEC-2014-10,PYSEC-2014-22,PYSEC-2014-23

• https://github.com/thoth-station/adviser/pull/2348
• https://github.com/thoth-station/adviser/issues/2342

[mayaCostantini]

First Thoth Adviser GitHub Action release

The Thoth Adviser GitHub Action is now available on the GitHub Marketplace.

The action now supports overlays for users to get advise on different runtime environments:

• https://github.com/thoth-station/thoth-github-action/issues/31
• https://github.com/thoth-station/thoth-github-action/pull/32

And allows to ignore CVE specified in input:

• https://github.com/thoth-station/thoth-github-action/issues/27
• https://github.com/thoth-station/thoth-github-action/pull/47

[harshad16]

we have completed the release for v2022.06.20 :tada: :confetti_ball: :partying_face:

Features

Project Thoth-station help site is up

Users can now use the project thoth-station help site https://thoth-station.ninja/help/, to get details on support, project thoth-station community structure, and metrics on the project.

Allow certain CVEs to be present in the application

Users of Thoth can now configure selectively which CVEs can be present in the application. It is possible to select which CVEs can be present in the application by enumerating them in the .thoth.yaml configuration file in labels section (comma separated listing):

labels:
  allow-cve: PYSEC-2014-10,PYSEC-2014-22,PYSEC-2014-23

Another option is to pass labels configuration to Thamos CLI:

thamos advise --labels allow-cve=PYSEC-2014-10,PYSEC-2014-22,PYSEC-2014-23

• https://github.com/thoth-station/adviser/pull/2348
• https://github.com/thoth-station/adviser/issues/2342

First Thoth Adviser GitHub Action release

The Thoth Adviser GitHub Action is now available on the GitHub Marketplace.

The action now supports overlays for users to get advise on different runtime environments:

• https://github.com/thoth-station/thoth-github-action/issues/31
• https://github.com/thoth-station/thoth-github-action/pull/32

And allows to ignore CVE specified in input:

• https://github.com/thoth-station/thoth-github-action/issues/27
• https://github.com/thoth-station/thoth-github-action/pull/47

Component Updates

• [x] adviser: v0.56.0

  • https://github.com/thoth-station/adviser/pull/2348
  • https://github.com/thoth-station/adviser/pull/2341

• [x] prescriptions-refresh-job: v0.7.1

  • https://github.com/thoth-station/prescriptions-refresh-job/pull/163

• [x] kebechet: v1.10.0

  • https://github.com/thoth-station/kebechet/pull/1058
  • https://github.com/thoth-station/kebechet/pull/1065

Thanks for the amazing work everyone. :100: