-
Notifications
You must be signed in to change notification settings - Fork 362
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Include latest helm release with each vcluster release #1178
Comments
Hi @ThomasK33 , just wanted to follow-up and tag ya, do you have any potential issues with this? |
Hey @jiglesia3 👋 No opposition from my side. Would you be open to updating/contributing the necessary changes? Otherwise, I'd try to squeeze it in next week or so. |
@ThomasK33 , I noticed you already run a command in your Dockerfile to install the latest helm binary, but I'm not sure it was actually run for the past couple releases. I could be mistaken, but please let me know! |
Hey @jiglesia3, I've just updated the helm version to v3.12.3 in the Dockerfile used to build the release image. The updated helm version will be shipped in the next vcluster version, 0.16.0. |
Hey @ThomasK33 , no need to re-open this or anything, but would it be possible for the helm version be updated for the next vcluster release as well? helm just released another version that addresses a couple CVEs according to helm/helm#12419 EDIT: ended up making a PR |
Is your feature request related to a problem?
The latest vcluster release
0.15.6
on August 26, 2023 contains helmv3.11.0
when it should contain the most recent helm releasev3.12.3
(released August 10, 2023). My organization scans the vcluster image with trivy and detects CVEs on the helm binary included in the vcluster image. These CVEs are resolved with changes made to helm and pushed out inv3.12.3
.Which solution do you suggest?
Verify the image is rebuilt and the command in the Dockerfile gets the latest helm binary.
Which alternative solutions exist?
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: