Comments (8)
hpvd
commented on August 29, 2024
1
upgrading kube-prometheus-stack sounds great!
The current state of v3.2.0:
241 vulnerabilities (200 fixable) have been detected in this package's images.
from pulsar-helm-chart.
hpvd
commented on August 29, 2024
Details for Part (1):
from pulsar-helm-chart.
hpvd
commented on August 29, 2024
Details for Part (2):
latest versions of tools included in helm chart, newer version available: red font:
- https://github.com/grafana/grafana/releases 9.2.3 (2022-10-31)
- https://github.com/kiwigrid/k8s-sidecar/releases v1.19.5 (2022-09-15)
- https://github.com/prometheus/prometheus/releases 2.39.1 (2022-10-07)
- https://github.com/prometheus/node_exporter/releases 1.4.0 (2022-09-24)
- https://github.com/prometheus-operator/prometheus-operator/releases 0.60.1 (2022-10-10)
- https://github.com/kubernetes/kube-state-metrics/releases v2.6.0 (2022-08-26)
from pulsar-helm-chart.
hpvd
commented on August 29, 2024
just openend an issues for Part (1): apache/pulsar#18348
so this is mostly about Part (2)
from pulsar-helm-chart.
hpvd
commented on August 29, 2024
update: todays state
206 vulnerabilities (123 fixable) have been detected in this package's images.
https://artifacthub.io/packages/helm/apache/pulsar?modal=security-report
from pulsar-helm-chart.
lhotari
commented on August 29, 2024
Closing this issue since the latest release is 3.2.0 . The next release 3.3.0 will upgrade kube-prometheus-stack to 56.x so that will address some problems.
from pulsar-helm-chart.
hpvd
commented on August 29, 2024
just an update on this:
The current state of v3.3.0:
205 vulnerabilities (150 fixable) have been detected in this package's images.
source: https://artifacthub.io/packages/helm/apache/pulsar?modal=security-report
from pulsar-helm-chart.
lhotari
commented on August 29, 2024
just an update on this:
The current state of v3.3.0: 205 vulnerabilities (150 fixable) have been detected in this package's images. source: https://artifacthub.io/packages/helm/apache/pulsar?modal=security-report
thanks @hpvd . There's 3.3.1 in voting, please see https://lists.apache.org/thread/2f3mx74o52xsxvt1y72phxk1jxl5tt60 .
In the Apache Pulsar Helm chart project, there is a shortage of active contributors to the project. I'd highly appreciate pull requests to address security vulnerabilities so that things could improve. This is a community driven project and it won't move forward without contributors that volunteer to improve things. If you would be interested in contributing, I could help in getting started.
from pulsar-helm-chart.
Related Issues (20)
- Followup: Error "Invalid Roles" during Handshake when connecting to broker via TLS with JWT-Auth HOT 7
- Create 2 services for brokers: a headless service with publishNotReadyAddresses and an ordinary clusterip service for lookups
- Documentation about Helm deployment in Pulsar documentation is out-dated HOT 1
- Don't expose services via load balancers publicly by default. Take the chart more towards "secure-by-default" direction HOT 1
- Liveness probe failed: HTTP probe failed with statuscode: 401 HOT 9
- Pulsar Manager Persistence in HerdDB HOT 4
- After enabling TLS, pulsar manager cannot add environment HOT 3
- Rollback failed: serviceaccount not found HOT 6
- [CI] ci::test_pulsar_manager environment check is flaky HOT 10
- Node does not exist HOT 4
- Requires AWS access/secret key when offload driver is set to aws-s3 HOT 2
- not able to login to pulsar UI HOT 7
- No data shown in Grafana Dashboards HOT 2
- Pulsar Manager v0.4.0 in kubernetes still can not persist any data HOT 1
- Argo CD unable to generate template with pulsar chart 3.3.0 HOT 5
- Deployment using JWT authentication + Function Worker is not working properly HOT 1
- [Bug] Broker startup could get into a long crash loop when Functions are enabled HOT 1
- Allow using a separate volume for the zookeeper transaction log
- Allow specifying an existing secret for pulsar-manager credentials
- Make it possible to optionally override .ReleaseIsInstall logic in init jobs
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pulsar-helm-chart.