From b48cea1e8cc8969cd11dd94b647fc4150a25db89 Mon Sep 17 00:00:00 2001 From: TrueCharts-Bot Date: Sun, 23 Jan 2022 14:17:04 +0000 Subject: [PATCH] Commit released Helm Chart and docs for TrueCharts Signed-off-by: TrueCharts-Bot --- .../incubator/airdcpp-webclient/CHANGELOG.md | 1 - .../incubator/airdcpp-webclient/security.md | 11 ++++----- charts/library/common/CHANGELOG.md | 9 ++++++++ charts/library/common/helm-values.md | 2 ++ docs/apps/common/helm-values.md | 2 ++ .../incubator/airdcpp-webclient/CHANGELOG.md | 1 - .../incubator/airdcpp-webclient/security.md | 11 ++++----- docs/index.yaml | 23 ++++++++++++++++++- 8 files changed, 43 insertions(+), 17 deletions(-) diff --git a/charts/incubator/airdcpp-webclient/CHANGELOG.md b/charts/incubator/airdcpp-webclient/CHANGELOG.md index 5684ecd5662..03313242c89 100644 --- a/charts/incubator/airdcpp-webclient/CHANGELOG.md +++ b/charts/incubator/airdcpp-webclient/CHANGELOG.md @@ -7,4 +7,3 @@ #### Feat * Add airdcpp-webclient ([#1752](https://github.com/truecharts/apps/issues/1752)) - diff --git a/charts/incubator/airdcpp-webclient/security.md b/charts/incubator/airdcpp-webclient/security.md index f3d53edada2..b823d32d8b5 100644 --- a/charts/incubator/airdcpp-webclient/security.md +++ b/charts/incubator/airdcpp-webclient/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: airdcpp-webclient/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-airdcpp-webclient' of Deployment 'RELEASE-NAME-airdcpp-webclient' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| @@ -37,11 +37,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| @@ -66,6 +66,3 @@ hide: | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| - - - diff --git a/charts/library/common/CHANGELOG.md b/charts/library/common/CHANGELOG.md index 973b343befd..88bbb6ef612 100644 --- a/charts/library/common/CHANGELOG.md +++ b/charts/library/common/CHANGELOG.md @@ -1,6 +1,15 @@ # Changelog
+ +### [common-8.14.0](https://github.com/truecharts/apps/compare/common-8.13.5...common-8.14.0) (2022-01-23) + +#### Feat + +* add upgrade and install specific initContainers + + + ### [common-8.13.5](https://github.com/truecharts/apps/compare/common-8.13.4...common-8.13.5) (2022-01-22) diff --git a/charts/library/common/helm-values.md b/charts/library/common/helm-values.md index 08371d2fc29..b17d87daa19 100644 --- a/charts/library/common/helm-values.md +++ b/charts/library/common/helm-values.md @@ -107,6 +107,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic. | ingress.main.tls | list | `[]` | Configure TLS for the ingress. Both secretName and hosts can process a Helm template. | | ingressList | list | [] | Configure ingressList for the chart here. Additional items can be added by adding a items similar to ingress | | initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key. The dictionary item key will determine the order. Helm templates can be used. | +| installContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at install only. | | lifecycle | object | `{}` | Configure the lifecycle for the main container | | mariadb | object | See below | mariadb dependency configuration | | mariadb.url | object | `{}` | can be used to make an easy accessable note which URLS to use to access the DB. | @@ -254,6 +255,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic. | tolerations | list | `[]` | Specify taint tolerations [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) | | topologySpreadConstraints | list | `[]` | Defines topologySpreadConstraint rules. [[ref]](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | | tty | bool | `false` | Determines whether containers in a pod runs with TTY enabled. | +| upgradeContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at each edit or update of the chart. | | volumeClaimTemplates | list | `[]` | Used in conjunction with `controller.type: statefulset` to create individual disks for each instance. | | wireguardImage | object | See below | WireGuard specific configuration | | wireguardImage.pullPolicy | string | `"IfNotPresent"` | Specify the WireGuard image pull policy | diff --git a/docs/apps/common/helm-values.md b/docs/apps/common/helm-values.md index 08371d2fc29..b17d87daa19 100644 --- a/docs/apps/common/helm-values.md +++ b/docs/apps/common/helm-values.md @@ -107,6 +107,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic. | ingress.main.tls | list | `[]` | Configure TLS for the ingress. Both secretName and hosts can process a Helm template. | | ingressList | list | [] | Configure ingressList for the chart here. Additional items can be added by adding a items similar to ingress | | initContainers | object | `{}` | Specify any initContainers here as dictionary items. Each initContainer should have its own key. The dictionary item key will determine the order. Helm templates can be used. | +| installContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at install only. | | lifecycle | object | `{}` | Configure the lifecycle for the main container | | mariadb | object | See below | mariadb dependency configuration | | mariadb.url | object | `{}` | can be used to make an easy accessable note which URLS to use to access the DB. | @@ -254,6 +255,7 @@ This chart is used by a lot of our Apps to provide sane defaults and logic. | tolerations | list | `[]` | Specify taint tolerations [[ref]](https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) | | topologySpreadConstraints | list | `[]` | Defines topologySpreadConstraint rules. [[ref]](https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/) | | tty | bool | `false` | Determines whether containers in a pod runs with TTY enabled. | +| upgradeContainers | object | `{}` | These containers will be run, as an initcontainer, a single time at each edit or update of the chart. | | volumeClaimTemplates | list | `[]` | Used in conjunction with `controller.type: statefulset` to create individual disks for each instance. | | wireguardImage | object | See below | WireGuard specific configuration | | wireguardImage.pullPolicy | string | `"IfNotPresent"` | Specify the WireGuard image pull policy | diff --git a/docs/apps/incubator/airdcpp-webclient/CHANGELOG.md b/docs/apps/incubator/airdcpp-webclient/CHANGELOG.md index 5684ecd5662..03313242c89 100644 --- a/docs/apps/incubator/airdcpp-webclient/CHANGELOG.md +++ b/docs/apps/incubator/airdcpp-webclient/CHANGELOG.md @@ -7,4 +7,3 @@ #### Feat * Add airdcpp-webclient ([#1752](https://github.com/truecharts/apps/issues/1752)) - diff --git a/docs/apps/incubator/airdcpp-webclient/security.md b/docs/apps/incubator/airdcpp-webclient/security.md index f3d53edada2..b823d32d8b5 100644 --- a/docs/apps/incubator/airdcpp-webclient/security.md +++ b/docs/apps/incubator/airdcpp-webclient/security.md @@ -12,9 +12,9 @@ hide: ##### Scan Results #### Chart Object: airdcpp-webclient/templates/common.yaml - - + + | Type | Misconfiguration ID | Check | Severity | Explaination | Links | |:----------------|:------------------:|:-----------:|:------------------:|-----------------------------------------|-----------------------------------------| | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-airdcpp-webclient' of Deployment 'RELEASE-NAME-airdcpp-webclient' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| @@ -37,11 +37,11 @@ hide: #### Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2) - + **alpine** - + | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | busybox | CVE-2021-42378 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| @@ -66,6 +66,3 @@ hide: | ssl_client | CVE-2021-42386 | HIGH | 1.33.1-r3 | 1.33.1-r6 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42374 | MEDIUM | 1.33.1-r3 | 1.33.1-r4 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
https://ubuntu.com/security/notices/USN-5179-1
| | ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 |
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://security.netapp.com/advisory/ntap-20211223-0002/
| - - - diff --git a/docs/index.yaml b/docs/index.yaml index 874b7cc4c50..556f2427c53 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -4871,6 +4871,27 @@ entries: - https://github.com/truecharts/apps/releases/download/collabora-online-9.0.20/collabora-online-9.0.20.tgz version: 9.0.20 common: + - apiVersion: v2 + appVersion: latest + created: "2022-01-23T14:17:03.626570088Z" + description: Function library for TrueCharts + digest: 99769308eab5301e6bf5407b5c9b91df5ac79bc03d38905976720450597cb497 + home: https://github.com/truecharts/apps/tree/master/charts/common + icon: https://avatars.githubusercontent.com/u/76400755 + keywords: + - truecharts + - library-chart + - common + kubeVersion: '>=1.16.0-0' + maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org + name: common + type: library + urls: + - https://github.com/truecharts/apps/releases/download/common-8.14.0/common-8.14.0.tgz + version: 8.14.0 - apiVersion: v2 appVersion: latest created: "2022-01-22T11:40:10.649914739Z" @@ -52113,4 +52134,4 @@ entries: urls: - https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.24/zwavejs2mqtt-9.0.24.tgz version: 9.0.24 -generated: "2022-01-22T20:56:56.147872479Z" +generated: "2022-01-23T14:17:03.630623618Z"