From 55de2b9dab8d0d4c2910cf0e9766b7ce2cd50d71 Mon Sep 17 00:00:00 2001 From: 34FathomBelow <34fathombelow@protonmail.com> Date: Wed, 20 Jul 2022 14:10:17 -0700 Subject: [PATCH] chore: update redis to 7.0.4 avoid CVE-2022-30065 (#10059) Signed-off-by: Justin Marquis <34fathombelow@protonmail.com> --- .github/workflows/ci-build.yaml | 2 +- manifests/base/redis/argocd-redis-deployment.yaml | 2 +- manifests/core-install.yaml | 2 +- manifests/ha/base/redis-ha/chart/upstream.yaml | 6 +++--- manifests/ha/base/redis-ha/chart/values.yaml | 2 +- manifests/ha/install.yaml | 6 +++--- manifests/ha/namespace-install.yaml | 6 +++--- manifests/install.yaml | 2 +- manifests/namespace-install.yaml | 2 +- test/container/Dockerfile | 2 +- 10 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index 58de56108dcd6..c34c819a22922 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -407,7 +407,7 @@ jobs: run: | docker pull quay.io/dexidp/dex:v2.25.0 docker pull argoproj/argo-cd-ci-builder:v1.0.0 - docker pull redis:7.0.0-alpine + docker pull redis:7.0.4-alpine - name: Create target directory for binaries in the build-process run: | mkdir -p dist diff --git a/manifests/base/redis/argocd-redis-deployment.yaml b/manifests/base/redis/argocd-redis-deployment.yaml index a2e4dd7455f0e..9f75c5a3215a2 100644 --- a/manifests/base/redis/argocd-redis-deployment.yaml +++ b/manifests/base/redis/argocd-redis-deployment.yaml @@ -21,7 +21,7 @@ spec: serviceAccountName: argocd-redis containers: - name: redis - image: redis:7.0.0-alpine + image: redis:7.0.4-alpine imagePullPolicy: Always args: - "--save" diff --git a/manifests/core-install.yaml b/manifests/core-install.yaml index 09abc4271cb79..3fa256a8c1fc9 100644 --- a/manifests/core-install.yaml +++ b/manifests/core-install.yaml @@ -9465,7 +9465,7 @@ spec: - "" - --appendonly - "no" - image: redis:7.0.0-alpine + image: redis:7.0.4-alpine imagePullPolicy: Always name: redis ports: diff --git a/manifests/ha/base/redis-ha/chart/upstream.yaml b/manifests/ha/base/redis-ha/chart/upstream.yaml index 5b7ad19c443ea..2a75fb9cf8249 100644 --- a/manifests/ha/base/redis-ha/chart/upstream.yaml +++ b/manifests/ha/base/redis-ha/chart/upstream.yaml @@ -878,7 +878,7 @@ spec: automountServiceAccountToken: false initContainers: - name: config-init - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent resources: {} @@ -906,7 +906,7 @@ spec: containers: - name: redis - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent command: - redis-server @@ -947,7 +947,7 @@ spec: lifecycle: {} - name: sentinel - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent command: - redis-sentinel diff --git a/manifests/ha/base/redis-ha/chart/values.yaml b/manifests/ha/base/redis-ha/chart/values.yaml index 237d82c71885b..9123ab7db988f 100644 --- a/manifests/ha/base/redis-ha/chart/values.yaml +++ b/manifests/ha/base/redis-ha/chart/values.yaml @@ -15,6 +15,6 @@ redis-ha: client: 6m checkInterval: 3s image: - tag: 7.0.3-alpine + tag: 7.0.4-alpine sentinel: bind: "0.0.0.0" diff --git a/manifests/ha/install.yaml b/manifests/ha/install.yaml index 31fac1dd034b1..798ca6bdea3d0 100644 --- a/manifests/ha/install.yaml +++ b/manifests/ha/install.yaml @@ -11299,7 +11299,7 @@ spec: - /data/conf/redis.conf command: - redis-server - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent lifecycle: {} livenessProbe: @@ -11337,7 +11337,7 @@ spec: - /data/conf/sentinel.conf command: - redis-sentinel - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent lifecycle: {} livenessProbe: @@ -11383,7 +11383,7 @@ spec: value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4 - name: SENTINEL_ID_2 value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent name: config-init volumeMounts: diff --git a/manifests/ha/namespace-install.yaml b/manifests/ha/namespace-install.yaml index c20363a170600..98445977314d1 100644 --- a/manifests/ha/namespace-install.yaml +++ b/manifests/ha/namespace-install.yaml @@ -2223,7 +2223,7 @@ spec: - /data/conf/redis.conf command: - redis-server - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent lifecycle: {} livenessProbe: @@ -2261,7 +2261,7 @@ spec: - /data/conf/sentinel.conf command: - redis-sentinel - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent lifecycle: {} livenessProbe: @@ -2307,7 +2307,7 @@ spec: value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4 - name: SENTINEL_ID_2 value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca - image: redis:7.0.3-alpine + image: redis:7.0.4-alpine imagePullPolicy: IfNotPresent name: config-init volumeMounts: diff --git a/manifests/install.yaml b/manifests/install.yaml index 48ffdee1a2cf7..caedbb783ee86 100644 --- a/manifests/install.yaml +++ b/manifests/install.yaml @@ -9904,7 +9904,7 @@ spec: - "" - --appendonly - "no" - image: redis:7.0.0-alpine + image: redis:7.0.4-alpine imagePullPolicy: Always name: redis ports: diff --git a/manifests/namespace-install.yaml b/manifests/namespace-install.yaml index 1be23e023aa2c..c3fb3497301e7 100644 --- a/manifests/namespace-install.yaml +++ b/manifests/namespace-install.yaml @@ -828,7 +828,7 @@ spec: - "" - --appendonly - "no" - image: redis:7.0.0-alpine + image: redis:7.0.4-alpine imagePullPolicy: Always name: redis ports: diff --git a/test/container/Dockerfile b/test/container/Dockerfile index 011f3913ff705..9122f650bc27c 100644 --- a/test/container/Dockerfile +++ b/test/container/Dockerfile @@ -1,4 +1,4 @@ -FROM redis:7.0.0 as redis +FROM redis:7.0.4 as redis FROM node:12.18.4-buster as node