Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: bump karma container image to address critical CVEs (2.7) #1773

Merged
merged 1 commit into from
Dec 19, 2023
Merged

fix: bump karma container image to address critical CVEs (2.7) #1773

merged 1 commit into from
Dec 19, 2023

Conversation

mhrabovcin
Copy link
Contributor

Backport of #1770

  • fix: bump karma container image to address critical CVEs

  • chore: update licenses for karma

  • fix: use mesosphere repo source for karma image

  • fix: use karma chart version 2.0.2

What problem does this PR solve?:

Which issue(s) does this PR fix?:

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

Checklist

  • If the PR adds a version bump, ensure there is no breaking change in Licensing model (or NA).
  • If a chart is changed or app configuration is significantly changed, the chart version is correctly incremented (so that apps are not automatically upgraded from a previous version of DKP).

@mhrabovcin
fix: bump karma container image to address critical CVEs (#1770)
f5295a1 
* fix: bump karma container image to address critical CVEs

* chore: update licenses for karma

* fix: use mesosphere repo source for karma image

* fix: use karma chart version 2.0.2
@mhrabovcin mhrabovcin self-assigned this Dec 19, 2023
@github-actions github-actions bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Dec 19, 2023
@d2iq-mergebot
Copy link
Contributor

This repo has @d2iq-mergebot integration. You can perform the following commands by submitting a comment. Submit a comment with content "@d2iq-mergebot help" to view more detailed help text and examples. Be sure the have a look at the mergebot documentation, too.For help using mergebot, please refer to the README file here: https://github.com/mesosphere/mergebot/blob/main/README.md
Enabled Mergebot commands:
@d2iq-mergebot test all
@d2iq-mergebot test
@d2iq-mergebot override-status
@d2iq-mergebot help
@d2iq-mergebot backport

@mhrabovcin mhrabovcin changed the title fix: bump karma container image to address critical CVEs (#1770) fix: bump karma container image to address critical CVEs (2.7) Dec 19, 2023
@mhrabovcin mhrabovcin added the ok-to-test Signals mergebot that CI checks are ready to be kicked off label Dec 19, 2023
@mhrabovcin mhrabovcin merged commit 591933e into release-2.7 Dec 19, 2023
23 of 24 checks passed
@mhrabovcin mhrabovcin deleted the mh/karma/fix-critical-cves-27 branch December 19, 2023 11:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@palexster palexster palexster approved these changes

@mikolajb mikolajb Awaiting requested review from mikolajb

Assignees

@mhrabovcin mhrabovcin

Labels
ok-to-test Signals mergebot that CI checks are ready to be kicked off ready-for-review size/S Denotes a PR that changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mhrabovcin @d2iq-mergebot @palexster