From 4a83f88f508783d8e9f3c9070dbe89c22b8b32f0 Mon Sep 17 00:00:00 2001 From: vadim-kharin-codefresh Date: Fri, 12 Sep 2025 14:06:08 +0300 Subject: [PATCH 1/7] chore: Fix security vulnerabilities for argo-workflows and argo-events (#716) (cherry picked from commit c9ce4bd2508306cf892576c60943ce7d846bd6db) --- charts/gitops-runtime/Chart.yaml | 61 +++++++++++++++----------------- 1 file changed, 29 insertions(+), 32 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 4f18e3a64..a6958679c 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 -appVersion: 0.1.75 +appVersion: 0.1.72 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime -version: '0.24.2' +version: 0.0.0 home: https://github.com/codefresh-io/gitops-runtime-helm icon: https://avatars1.githubusercontent.com/u/11412079?v=3 keywords: @@ -13,34 +13,31 @@ maintainers: url: https://codefresh-io.github.io/ annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" - artifacthub.io/changes: |- - - kind: security - description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' dependencies: - - name: argo-cd - repository: https://codefresh-io.github.io/argo-helm - condition: argo-cd.enabled - version: 8.0.6-8-cap-v3.0.2-2025-09-07-cdf75df5 - - name: argo-events - repository: https://codefresh-io.github.io/argo-helm - version: 2.4.8-cap-CR-29689 - - name: argo-workflows - repository: https://codefresh-io.github.io/argo-helm - version: 0.45.15-v3.6.7-cap-CR-28355 - condition: argo-workflows.enabled - - name: argo-rollouts - repository: https://codefresh-io.github.io/argo-helm - version: 2.37.3-6-v1.7.2-cap-CR-29629 - condition: argo-rollouts.enabled - - name: sealed-secrets - repository: https://bitnami-labs.github.io/sealed-secrets/ - version: 2.17.2 - condition: sealed-secrets.enabled - - name: codefresh-tunnel-client - repository: oci://quay.io/codefresh/charts - version: 0.1.22 - alias: tunnel-client - condition: tunnel-client.enabled - - name: cf-common - repository: oci://quay.io/codefresh/charts - version: 0.27.0 +- name: argo-cd + repository: https://codefresh-io.github.io/argo-helm + condition: argo-cd.enabled + version: 8.0.6-8-cap-v3.0.2-2025-09-07-cdf75df5 +- name: argo-events + repository: https://codefresh-io.github.io/argo-helm + version: 2.4.9-cap-CR-30841 +- name: argo-workflows + repository: https://codefresh-io.github.io/argo-helm + version: 0.45.16-v3.6.7-cap-CR-30835 + condition: argo-workflows.enabled +- name: argo-rollouts + repository: https://codefresh-io.github.io/argo-helm + version: 2.37.3-6-v1.7.2-cap-CR-29629 + condition: argo-rollouts.enabled +- name: sealed-secrets + repository: https://bitnami-labs.github.io/sealed-secrets/ + version: 2.17.2 + condition: sealed-secrets.enabled +- name: codefresh-tunnel-client + repository: oci://quay.io/codefresh/charts + version: 0.1.22 + alias: tunnel-client + condition: tunnel-client.enabled +- name: cf-common + repository: oci://quay.io/codefresh/charts + version: 0.27.0 From 1671375c7b66de85c8f67cbf77bbba365305950a Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Wed, 17 Sep 2025 11:27:42 +0300 Subject: [PATCH 2/7] chore: Fix security vulnerabilities for argo-workflows and argo-events (#716) (cherry picked from commit c9ce4bd2508306cf892576c60943ce7d846bd6db) --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index a6958679c..6371137c5 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 0.1.72 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime -version: 0.0.0 +version: '0.24.2' home: https://github.com/codefresh-io/gitops-runtime-helm icon: https://avatars1.githubusercontent.com/u/11412079?v=3 keywords: From 9771f4cbc45b4e46b979680d984c270b2fcf05db Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Wed, 17 Sep 2025 11:28:38 +0300 Subject: [PATCH 3/7] corrected version --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 6371137c5..41560096a 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: 0.1.72 +appVersion: 0.1.75 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime version: '0.24.2' From c3d86ec72b551ebc406c2887c1efba644b3df238 Mon Sep 17 00:00:00 2001 From: vitalii-codefresh Date: Wed, 17 Sep 2025 13:06:48 +0300 Subject: [PATCH 4/7] Update Chart.yaml --- charts/gitops-runtime/Chart.yaml | 54 ++++++++++++++++---------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 41560096a..69eb5397a 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -14,30 +14,30 @@ maintainers: annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" dependencies: -- name: argo-cd - repository: https://codefresh-io.github.io/argo-helm - condition: argo-cd.enabled - version: 8.0.6-8-cap-v3.0.2-2025-09-07-cdf75df5 -- name: argo-events - repository: https://codefresh-io.github.io/argo-helm - version: 2.4.9-cap-CR-30841 -- name: argo-workflows - repository: https://codefresh-io.github.io/argo-helm - version: 0.45.16-v3.6.7-cap-CR-30835 - condition: argo-workflows.enabled -- name: argo-rollouts - repository: https://codefresh-io.github.io/argo-helm - version: 2.37.3-6-v1.7.2-cap-CR-29629 - condition: argo-rollouts.enabled -- name: sealed-secrets - repository: https://bitnami-labs.github.io/sealed-secrets/ - version: 2.17.2 - condition: sealed-secrets.enabled -- name: codefresh-tunnel-client - repository: oci://quay.io/codefresh/charts - version: 0.1.22 - alias: tunnel-client - condition: tunnel-client.enabled -- name: cf-common - repository: oci://quay.io/codefresh/charts - version: 0.27.0 + - name: argo-cd + repository: https://codefresh-io.github.io/argo-helm + condition: argo-cd.enabled + version: 8.0.6-8-cap-v3.0.2-2025-09-07-cdf75df5 + - name: argo-events + repository: https://codefresh-io.github.io/argo-helm + version: 2.4.9-cap-CR-30841 + - name: argo-workflows + repository: https://codefresh-io.github.io/argo-helm + version: 0.45.16-v3.6.7-cap-CR-30835 + condition: argo-workflows.enabled + - name: argo-rollouts + repository: https://codefresh-io.github.io/argo-helm + version: 2.37.3-6-v1.7.2-cap-CR-29629 + condition: argo-rollouts.enabled + - name: sealed-secrets + repository: https://bitnami-labs.github.io/sealed-secrets/ + version: 2.17.2 + condition: sealed-secrets.enabled + - name: codefresh-tunnel-client + repository: oci://quay.io/codefresh/charts + version: 0.1.22 + alias: tunnel-client + condition: tunnel-client.enabled + - name: cf-common + repository: oci://quay.io/codefresh/charts + version: 0.27.0 From 3d4976a60fb69a9342890fc53c508f7791c7dddb Mon Sep 17 00:00:00 2001 From: vitalii-codefresh Date: Wed, 17 Sep 2025 13:45:49 +0300 Subject: [PATCH 5/7] Update Chart.yaml --- charts/gitops-runtime/Chart.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 69eb5397a..5c8678acc 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,6 +1,9 @@ apiVersion: v2 appVersion: 0.1.75 description: A Helm chart for Codefresh gitops runtime +artifacthub.io/changes: |- + - kind: security + description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' name: gitops-runtime version: '0.24.2' home: https://github.com/codefresh-io/gitops-runtime-helm From 480985f570e90206427c75abac63ad447a590fa7 Mon Sep 17 00:00:00 2001 From: vitalii-codefresh Date: Wed, 17 Sep 2025 13:46:35 +0300 Subject: [PATCH 6/7] Update Chart.yaml --- charts/gitops-runtime/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 5c8678acc..687fb7441 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -1,9 +1,6 @@ apiVersion: v2 appVersion: 0.1.75 description: A Helm chart for Codefresh gitops runtime -artifacthub.io/changes: |- - - kind: security - description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' name: gitops-runtime version: '0.24.2' home: https://github.com/codefresh-io/gitops-runtime-helm @@ -16,6 +13,9 @@ maintainers: url: https://codefresh-io.github.io/ annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" +artifacthub.io/changes: |- + - kind: security + description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' dependencies: - name: argo-cd repository: https://codefresh-io.github.io/argo-helm From 2cbea4c35beddac8426d459a44d6df0a8a0cf83b Mon Sep 17 00:00:00 2001 From: vitalii-codefresh Date: Wed, 17 Sep 2025 13:46:53 +0300 Subject: [PATCH 7/7] Update Chart.yaml --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 687fb7441..44c59a657 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -13,7 +13,7 @@ maintainers: url: https://codefresh-io.github.io/ annotations: artifacthub.io/alternativeName: "codefresh-gitops-runtime" -artifacthub.io/changes: |- + artifacthub.io/changes: |- - kind: security description: 'chore: security fixes in tunnel-client, argo-events jetstreaming, runtime-installer' dependencies: