From 4c64392b1c18e1eca6692419b95a2b4440c35567 Mon Sep 17 00:00:00 2001 From: Parikshit Samant Date: Sat, 30 Dec 2023 17:54:33 +0530 Subject: [PATCH 1/4] set kubectl image with cve fixes --- charts/enterprise-kyverno-operator/Chart.yaml | 2 +- .../templates/pre-delete-hook.yaml | 4 ++-- charts/nirmata/Chart.yaml | 2 +- charts/nirmata/values.yaml | 10 +++++----- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/enterprise-kyverno-operator/Chart.yaml b/charts/enterprise-kyverno-operator/Chart.yaml index f945f554..b9b6f048 100644 --- a/charts/enterprise-kyverno-operator/Chart.yaml +++ b/charts/enterprise-kyverno-operator/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: nirmata-kyverno-operator description: Helm Chart for Enterprise Kyverno Operator type: application -version: v0.3.13 +version: v0.3.14 appVersion: v0.2.3 icon: https://github.com/kyverno/kyverno/raw/main/img/logo.png diff --git a/charts/enterprise-kyverno-operator/templates/pre-delete-hook.yaml b/charts/enterprise-kyverno-operator/templates/pre-delete-hook.yaml index 55250df1..bbd5c884 100644 --- a/charts/enterprise-kyverno-operator/templates/pre-delete-hook.yaml +++ b/charts/enterprise-kyverno-operator/templates/pre-delete-hook.yaml @@ -29,10 +29,10 @@ spec: {{- end }} containers: - name: kubectl - image: {{ .Values.predeletehookimage | default "ghcr.io/nirmata/kubectl:1.24" }} + image: {{ .Values.predeletehookimage | default "ghcr.io/nirmata/kubectl:1.28.5" }} imagePullPolicy: IfNotPresent command: - - /bin/sh + - sh - -c - > for i in {{ include "enterprise-kyverno.policysetsStr" . }}; diff --git a/charts/nirmata/Chart.yaml b/charts/nirmata/Chart.yaml index 901fd96f..e78fc494 100644 --- a/charts/nirmata/Chart.yaml +++ b/charts/nirmata/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 type: application name: kyverno -version: 3.0.12 +version: 3.0.13 appVersion: v1.10.6-n4k.nirmata.3 icon: https://github.com/kyverno/kyverno/raw/main/img/logo.png description: Kubernetes Native Policy Management diff --git a/charts/nirmata/values.yaml b/charts/nirmata/values.yaml index 97a4c512..da356db3 100644 --- a/charts/nirmata/values.yaml +++ b/charts/nirmata/values.yaml @@ -316,7 +316,7 @@ webhooksCleanup: # -- Create a helm pre-delete hook to cleanup webhooks. enabled: true # -- `kubectl` image to run commands for deleting webhooks. - image: bitnami/kubectl:latest + image: ghcr.io/nirmata/kubectl:1.28.5 # -- Image pull secrets imagePullSecrets: [] @@ -433,10 +433,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: bitnami/kubectl + repository: ghcr.io/nirmata/kubectl # -- Image tag # Defaults to `latest` if omitted - tag: '1.26.4' + tag: '1.28.5' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ @@ -504,10 +504,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: bitnami/kubectl + repository: ghcr.io/nirmata/kubectl # -- Image tag # Defaults to `latest` if omitted - tag: '1.26.4' + tag: '1.28.5' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ From b949f6e445ce0d651a42b595989888a000edb5db Mon Sep 17 00:00:00 2001 From: Parikshit Samant Date: Sat, 30 Dec 2023 22:58:27 +0530 Subject: [PATCH 2/4] revert kubectl changes --- charts/nirmata/Chart.yaml | 2 +- charts/nirmata/values.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/nirmata/Chart.yaml b/charts/nirmata/Chart.yaml index e78fc494..93d39342 100644 --- a/charts/nirmata/Chart.yaml +++ b/charts/nirmata/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 type: application name: kyverno -version: 3.0.13 +version: 3.0.14 appVersion: v1.10.6-n4k.nirmata.3 icon: https://github.com/kyverno/kyverno/raw/main/img/logo.png description: Kubernetes Native Policy Management diff --git a/charts/nirmata/values.yaml b/charts/nirmata/values.yaml index da356db3..97a4c512 100644 --- a/charts/nirmata/values.yaml +++ b/charts/nirmata/values.yaml @@ -316,7 +316,7 @@ webhooksCleanup: # -- Create a helm pre-delete hook to cleanup webhooks. enabled: true # -- `kubectl` image to run commands for deleting webhooks. - image: ghcr.io/nirmata/kubectl:1.28.5 + image: bitnami/kubectl:latest # -- Image pull secrets imagePullSecrets: [] @@ -433,10 +433,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: ghcr.io/nirmata/kubectl + repository: bitnami/kubectl # -- Image tag # Defaults to `latest` if omitted - tag: '1.28.5' + tag: '1.26.4' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ @@ -504,10 +504,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: ghcr.io/nirmata/kubectl + repository: bitnami/kubectl # -- Image tag # Defaults to `latest` if omitted - tag: '1.28.5' + tag: '1.26.4' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ From 2719dd6e71a93a3d5467f87b9afab58a378e31cd Mon Sep 17 00:00:00 2001 From: Parikshit Samant Date: Sat, 30 Dec 2023 23:02:48 +0530 Subject: [PATCH 3/4] revert kubectl changes --- charts/nirmata/values.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/nirmata/values.yaml b/charts/nirmata/values.yaml index da356db3..7270506a 100644 --- a/charts/nirmata/values.yaml +++ b/charts/nirmata/values.yaml @@ -316,7 +316,7 @@ webhooksCleanup: # -- Create a helm pre-delete hook to cleanup webhooks. enabled: true # -- `kubectl` image to run commands for deleting webhooks. - image: ghcr.io/nirmata/kubectl:1.28.5 + image: bitnami/kubectl:latest # -- Image pull secrets imagePullSecrets: [] @@ -433,10 +433,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: ghcr.io/nirmata/kubectl + repository: bitnami/kubectl:latest # -- Image tag # Defaults to `latest` if omitted - tag: '1.28.5' + tag: '1.26.4' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ @@ -504,10 +504,10 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: ghcr.io/nirmata/kubectl + repository: bitnami/kubectl:latest # -- Image tag # Defaults to `latest` if omitted - tag: '1.28.5' + tag: '1.26.4' # -- (string) Image pull policy # Defaults to image.pullPolicy if omitted pullPolicy: ~ From 799b55bfc39187917a573674b50cef1e33026ee8 Mon Sep 17 00:00:00 2001 From: Parikshit Samant Date: Sat, 30 Dec 2023 23:04:27 +0530 Subject: [PATCH 4/4] revert kubectl changes --- charts/nirmata/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/nirmata/values.yaml b/charts/nirmata/values.yaml index 7270506a..97a4c512 100644 --- a/charts/nirmata/values.yaml +++ b/charts/nirmata/values.yaml @@ -433,7 +433,7 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: bitnami/kubectl:latest + repository: bitnami/kubectl # -- Image tag # Defaults to `latest` if omitted tag: '1.26.4' @@ -504,7 +504,7 @@ cleanupJobs: # -- (string) Image registry registry: ~ # -- Image repository - repository: bitnami/kubectl:latest + repository: bitnami/kubectl # -- Image tag # Defaults to `latest` if omitted tag: '1.26.4'