From ef6afa181176515b3614525a4c13f9a647a77100 Mon Sep 17 00:00:00 2001 From: Vasil Sudakou Date: Tue, 26 May 2026 13:12:07 +0400 Subject: [PATCH 1/5] fix: security vulnerabilities in gitops-runtime-installer --- installer-image/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/installer-image/Dockerfile b/installer-image/Dockerfile index 5e0e8e60..5b067955 100644 --- a/installer-image/Dockerfile +++ b/installer-image/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-golang/tags/1.25-debian13-dev -FROM octopusdeploy/dhi-golang:1.25-debian13-dev@sha256:6ab2431d046a2e21dbcbcb5111e94bec59650d302ec0ac34e696e7e44f708044 AS build +FROM octopusdeploy/dhi-golang:1.25-debian13-dev@sha256:9df1a12a7a9ee811efe2929045a7eabb8617329e8ce01a3296f4af095f89522c AS build ARG TARGETARCH ARG CF_CLI_VERSION=v1.0.3 RUN go install github.com/davidrjonas/semver-cli@latest \ @@ -11,7 +11,7 @@ ADD --unpack=true --chown=nonroot:nonroot --chmod=755 https://github.com/codefre # DHI source: https://hub.docker.com/repository/docker/octopusdeploy/dhi-debian-base/customizations/8106437942896324135 -FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:3c5a8f5bf49a3777527797677b3c8c426b0a38a466f3a79f5e059b6adc21943d AS production +FROM octopusdeploy/dhi-debian-base:trixie_cf-gitops-runtime-installer-debian13@sha256:5de4afaf8d55ff711756e2ebd9e27fc05374c37d3805acf85dfed70ef07fbee2 AS production ARG TARGETARCH COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/cf/cf-linux-${TARGETARCH} /usr/local/bin/cf COPY --from=build --chown=nonroot:nonroot --chmod=755 /tmp/semver-cli /usr/local/bin/semver-cli From 29e91f8607ec9e176afca93f96bbaabd4f6d0619 Mon Sep 17 00:00:00 2001 From: "codefresh-git-integration[bot]" <151943927+codefresh-git-integration[bot]@users.noreply.github.com> Date: Tue, 26 May 2026 09:22:33 +0000 Subject: [PATCH 2/5] CI Automatic commit - align Chart version --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 9fb2bc3f..60607de2 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 appVersion: 0.2.3 description: A Helm chart for Codefresh gitops runtime name: gitops-runtime -version: 0.29.11 +version: 0.29.12 home: https://github.com/codefresh-io/gitops-runtime-helm icon: https://avatars1.githubusercontent.com/u/11412079?v=3 keywords: From afc6aa4b96c71410c8a9fb315022b0c425c87422 Mon Sep 17 00:00:00 2001 From: Vasil Sudakou Date: Thu, 28 May 2026 18:31:34 +0400 Subject: [PATCH 3/5] fix(argo-workflows): security vulnerabilities --- charts/gitops-runtime/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/gitops-runtime/Chart.yaml b/charts/gitops-runtime/Chart.yaml index 60607de2..4da9d4b0 100644 --- a/charts/gitops-runtime/Chart.yaml +++ b/charts/gitops-runtime/Chart.yaml @@ -33,7 +33,7 @@ dependencies: version: 9.5.11 - name: argo-workflows repository: https://codefresh-io.github.io/argo-helm - version: 0.45.22-v3.6.7-cap-CR-39681 + version: 0.45.23-v3.6.7-cap-CFS-7012 condition: argo-workflows.enabled - name: sealed-secrets repository: https://bitnami-labs.github.io/sealed-secrets/ From 2e616771229097b4653fcc2f6745f20633c9fa01 Mon Sep 17 00:00:00 2001 From: alinashklyar Date: Thu, 28 May 2026 19:04:34 +0400 Subject: [PATCH 4/5] empty From 1a316b0dcd82cc8488cf0514112f3a102bedc79c Mon Sep 17 00:00:00 2001 From: alinashklyar Date: Fri, 29 May 2026 17:08:26 +0400 Subject: [PATCH 5/5] empty