UNCLASSIFIED - NO CUI

Skip to content

Update kubescape images

Summary

Request to update an application in Iron Bank. Link to issue: big-bang/apps/sandbox/compliance-dashboard#30

Upgrade Kubescape Version: v3.0.31 source code: https://github.com/kubescape/kubescape/tree/master/httphandler

Upgrade kubescape/operator Version: v0.2.77 source code: https://github.com/kubescape/operator

Upgrade kubescape/kubevuln Version: v0.3.66 source code: https://github.com/kubescape/kubevuln

Upgrade kubescape/host-scanner Version: v1.0.71 source code: https://github.com/kubescape/host-scanner

Upgrade kubescape/storage Version: v0.0.166 source code: https://github.com/kubescape/storage

Upgrade kubescape/klamav version: 1.3.1-34_alpha source code: https://github.com/kubescape/node-agent/tree/main/clamav

Upgrade kubescape/synchronizer version: v0.0.102 source code: https://github.com/kubescape/synchronizer

Upgrade kubescape/opentelemetry-collector version: 0.108.0

upgrade kubescape/http-request version: v0.2.11 source code: https://github.com/kubescape/http-request

upgrade prometheus-exporter version: v0.2.3 source code: https://github.com/kubescape/prometheus-exporter

upgrade helm-release-upgrader version: v0.1.0

upgrade kubescape/grype-offline-db

Use previous dockerfile, and add new update binaries from source

Tasks

Contributor:

  • Update Dockerfile, hardening_manifest.yaml and adhere to Iron Bank requirements
  • Ensure container builds successfully in the Iron Bank pipeline prior to creating an Merge Request to Development.
  • Provide justifications for findings in the VAT
  • Open a Merge Request from your branch to development
  • Apply the StatusReview label to this issue and wait for feedback
Note: You must manually apply the StatusReview label in order to have a CHT member review your merge request.

Iron Bank:

  • Merge contributor branch to development
  • Review findings and justifications
  • Merge development to master and close issue

Note: If the above process is rejected for any reason, the Status::Verification label will be removed and the issue will be sent back to Open. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add the Status::Verification label.

Questions?

Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding.

Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.

Please read the Iron Bank Documentation for more info

Edited by Jasdeep Basra

UNCLASSIFIED - NO CUI