Commit Graph

76 Commits

Author SHA1 Message Date
dependabot[bot]
c286ab3c0a rebase: bump github.com/aws/aws-sdk-go from 1.41.10 to 1.41.15
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.41.10 to 1.41.15.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.41.10...v1.41.15)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-02 20:48:31 +00:00
dependabot[bot]
b344a9f463 rebase: bump github.com/hashicorp/vault/api from 1.2.0 to 1.3.0
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-02 10:39:23 +00:00
dependabot[bot]
c8e78089f7 rebase: bump github.com/aws/aws-sdk-go from 1.41.5 to 1.41.10
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.41.5 to 1.41.10.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.41.5...v1.41.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-26 06:55:16 +00:00
dependabot[bot]
5280b67327 rebase: bump github.com/hashicorp/vault/api from 1.1.1 to 1.2.0
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/hashicorp/vault/releases)
- [Changelog](https://github.com/hashicorp/vault/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/vault/compare/v1.1.1...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/vault/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-20 13:57:39 +00:00
Niels de Vos
9bd9f5e91d rebase: update github.com/hashicorp/vault/sdk to latest
The github.com/hashicorp/vault/sdk was listed in the replace section,
most likely because using a newer version failed. By adding a missing
tagged version to the `exclude` section in go.mod, updating the package
works fine.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-10-20 13:57:39 +00:00
dependabot[bot]
6ffb91c047 rebase: bump github.com/aws/aws-sdk-go from 1.41.0 to 1.41.5
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.41.0 to 1.41.5.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.41.0...v1.41.5)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-19 17:52:53 +00:00
dependabot[bot]
a66012a5d4 rebase: bump github.com/ceph/go-ceph from 0.11.0 to 0.12.0
Bumps [github.com/ceph/go-ceph](https://github.com/ceph/go-ceph) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/ceph/go-ceph/releases)
- [Changelog](https://github.com/ceph/go-ceph/blob/master/docs/release-process.md)
- [Commits](https://github.com/ceph/go-ceph/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: github.com/ceph/go-ceph
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-19 13:27:19 +00:00
dependabot[bot]
7c4b29bd57 rebase: bump sigs.k8s.io/controller-runtime from 0.10.1 to 0.10.2
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.10.1 to 0.10.2.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.10.1...v0.10.2)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-18 07:17:30 +00:00
Niels de Vos
584d43a132 deploy: move rbd/CSIDriver to API
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-10-15 16:08:59 +00:00
dependabot[bot]
3934599b0e rebase: bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.4...v1.16.5)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-13 09:21:21 +00:00
dependabot[bot]
574852e27c rebase: bump github.com/aws/aws-sdk-go from 1.40.55 to 1.41.0
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.55 to 1.41.0.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.55...v1.41.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 07:18:32 +00:00
dependabot[bot]
b9beb2106b rebase: bump github.com/aws/aws-sdk-go from 1.40.50 to 1.40.55
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.50 to 1.40.55.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.50...v1.40.55)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-06 17:28:25 +00:00
Niels de Vos
5ea99fdd5b build: add yamlgen to build deployment files
This initial version of yamlgen generates deploy/scc.yaml based on the
deployment artifact that is provided by the new api/deploy/ocp package.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-10-05 11:26:50 +00:00
Niels de Vos
bb68cc9bee rebase: update vault/api to v1.1.1
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-29 05:55:26 +00:00
dependabot[bot]
b85076365c rebase: bump google.golang.org/grpc from 1.40.0 to 1.41.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.40.0 to 1.41.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.40.0...v1.41.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-28 11:36:21 +00:00
dependabot[bot]
27a2718f0b rebase: bump sigs.k8s.io/controller-runtime from 0.10.0 to 0.10.1
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.10.0 to 0.10.1.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.10.0...v0.10.1)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-28 06:38:08 +00:00
dependabot[bot]
f0e2f84a40 rebase: bump github.com/aws/aws-sdk-go from 1.40.46 to 1.40.50
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.46 to 1.40.50.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.46...v1.40.50)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-28 04:29:46 +00:00
dependabot[bot]
64ade1d4c3 rebase: bump github.com/aws/aws-sdk-go from 1.40.34 to 1.40.46
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.40.34 to 1.40.46.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.40.34...v1.40.46)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-23 04:47:17 +00:00
Rakshith R
8f432e8bfa rebase: update k8s.io packages from v0.22.1 to v0.22.2
This commit also fixes k8s.io/cloud-providers v0.22.2,
instead of v1.22.1 which does not exist and was overrided
in replace.

Signed-off-by: Rakshith R <rar@redhat.com>
2021-09-21 08:09:12 +00:00
dependabot[bot]
c1931c8192 rebase: bump k8s.io/kubernetes from 1.22.1 to 1.22.2
Bumps [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) from 1.22.1 to 1.22.2.
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](https://github.com/kubernetes/kubernetes/compare/v1.22.1...v1.22.2)

---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-21 08:09:12 +00:00
dependabot[bot]
566cef2719 rebase: bump github.com/csi-addons/spec from 0.1.0 to 0.1.1
Bumps [github.com/csi-addons/spec](https://github.com/csi-addons/spec) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/csi-addons/spec/releases)
- [Commits](https://github.com/csi-addons/spec/compare/v0.1.0...v0.1.1)

---
updated-dependencies:
- dependency-name: github.com/csi-addons/spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-21 05:06:08 +00:00
dependabot[bot]
8fc7db8d80 rebase: bump github.com/aws/aws-sdk-go from 1.38.63 to 1.40.34
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.38.63 to 1.40.34.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.38.63...v1.40.34)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 16:57:22 +00:00
dependabot[bot]
fb000647b5 rebase: bump sigs.k8s.io/controller-runtime from 0.9.2 to 0.10.0
Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.9.2 to 0.10.0.
- [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases)
- [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.9.2...v0.10.0)

---
updated-dependencies:
- dependency-name: sigs.k8s.io/controller-runtime
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 13:49:51 +00:00
dependabot[bot]
e8efa272a6 rebase: bump github.com/onsi/gomega from 1.13.0 to 1.16.0
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.13.0 to 1.16.0.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 09:32:38 +00:00
Niels de Vos
c12b155940 rebase: use latest google.golang.org/grpc version
google.golang.org/grpc was listed in go.mod:replace and updating the
dependency was not possible. There should not be a reason to prevent
updating, commit 5aca04d540 added it but without explanation.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-01 15:19:26 +00:00
dependabot[bot]
bf77ab57dc rebase: bump google.golang.org/grpc from 1.38.0 to 1.40.0
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.38.0 to 1.40.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.38.0...v1.40.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-01 15:19:26 +00:00
Niels de Vos
3f6db2f851 rebase: update k8s.io/kubernetes dependencies to v0.22.1
Dependabot can not update the dependencies for k8s.io/kubernetes
correctly. Helping the bot out with this additional commit.

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-09-01 13:01:01 +00:00
dependabot[bot]
b9b5ae5387 rebase: bump k8s.io/kubernetes from 1.22.0 to 1.22.1
Bumps [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) from 1.22.0 to 1.22.1.
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](https://github.com/kubernetes/kubernetes/compare/v1.22.0...v1.22.1)

---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-01 13:01:01 +00:00
dependabot[bot]
ed38157f9f rebase: bump k8s.io/klog/v2 from 2.9.0 to 2.10.0
Bumps [k8s.io/klog/v2](https://github.com/kubernetes/klog) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/kubernetes/klog/releases)
- [Changelog](https://github.com/kubernetes/klog/blob/main/RELEASE.md)
- [Commits](https://github.com/kubernetes/klog/compare/v2.9.0...v2.10.0)

---
updated-dependencies:
- dependency-name: k8s.io/klog/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-08-31 19:31:20 +00:00
Niels de Vos
2cc96dc539 build: vendor code.cloudfoundry.org/gofileutils from GitHub
There is a problem accessing the code.cloudfoundry.org web service iver
TLS. It seems to redirect to GitHub, so use the package from there:

    running: go mod verify
    go: github.com/libopenstorage/secrets@v0.0.0-20210709082113-dde442ea20ec requires
    	github.com/hashicorp/vault@v1.4.2 requires
    	github.com/hashicorp/vault-plugin-auth-cf@v0.5.4 requires
    	github.com/cloudfoundry-community/go-cfclient@v0.0.0-20190201205600-f136f9222381 requires
    	code.cloudfoundry.org/gofileutils@v0.0.0-20170111115228-4d0c80011a0f: unrecognized import path "code.cloudfoundry.org/gofileutils": https fetch: Get "https://code.cloudfoundry.org/gofileutils?go-get=1": x509: certificate signed by unknown authority

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-30 13:51:49 +00:00
Niels de Vos
b2e5e0574b build: get gomodules.xyz/jsonpatch/v2 from github
The `make containerized-test TARGET=mod-check` jobs fail because the web
service at gomodules.xyz is not behaving correctly at the moment:

    running: go mod verify
    go: sigs.k8s.io/controller-runtime@v0.9.2 requires
    	gomodules.xyz/jsonpatch/v2@v2.2.0: unrecognized import path "gomodules.xyz/jsonpatch/v2": reading https://gomodules.xyz/jsonpatch/v2?go-get=1: 404 Not Found

Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-30 13:51:49 +00:00
Humble Chirammal
e65fbe9862 rebase: make use of v0.10.0 of csi-lib-utils
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-08-18 17:05:22 +00:00
Humble Chirammal
ca7809099d rebase: update external-snapshotter client to v4.2.0
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-08-17 10:58:52 +00:00
Humble Chirammal
56ac143450 rebase: update go-ceph version to v0.11.0
Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-08-12 12:42:20 +00:00
Humble Chirammal
aa698bc3e1 rebase: update kubernetes and libraries to v1.22.0 version
Kubernetes v1.22 version has been released and this update
ceph csi dependencies to use the same version.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-08-12 09:55:50 +00:00
Niels de Vos
d7bcb42481 rebase: update libopenstorage/secrets
libopenstorage has added a new feature that makes it possible to destroy
the contents of a key/value in the Hashicorp Vault kv-v2 secrets backend.

See-also: https://github.com/libopenstorage/secrets/pull/55
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-08-06 12:19:18 +00:00
Madhu Rajanna
8732bec369 rebase: add go-ceph rbd admin package to vendor
added go-ceph rbd admin package to vendor. keeping
this as a separate commit which helps in review.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-07-06 14:41:48 +00:00
Rakshith R
9eaa55506f rebase: update controller-runtime package to v0.9.2
This commit updates controller-runtime to v0.9.2 and
makes changes in persistentvolume.go to add context to
various functions and function calls made here instead of
context.TODO().

Signed-off-by: Rakshith R <rar@redhat.com>
2021-07-01 03:35:23 +00:00
Rakshith R
1b23d78113 rebase: update kubernetes to v1.21.2
Updated kubernetes packages to latest release.
resizefs package has been included into k8s.io/mount-utils
package. updated code to use the same.

Updates: #1968

Signed-off-by: Rakshith R <rar@redhat.com>
2021-07-01 03:35:23 +00:00
Humble Chirammal
5aca04d540 rebase: upgrade snapshot v1beta1 api and clientset to v1 version
At present e2e snapshot code make use of snapshot v1beta1 api and client
This patch address the same and snapshot api clientset/apis are updated
to v1 version.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-06-24 17:35:07 +00:00
Niels de Vos
f8a08ada6d rebase: update google.golang.org/grpc to latest version
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
f5dd8e769f rebase: update github.com/aws/aws-sdk-go to latest version
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
b204b68635 rebase: update golang.org/x/crypto to latest version
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
f021083097 rebase: remove unused vbom.ml/util
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
fb8ee3a453 rebase: remove unused github.com/kubernetes-incubator/external-storage
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
004133d746 rebase: update golang.org/x/sys to latest version
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Niels de Vos
2fe3f2eadf rebase: update to CSI spec v1.5.0
Signed-off-by: Niels de Vos <ndevos@redhat.com>
2021-06-23 08:40:15 +00:00
Madhu Rajanna
5b7b5f1e3a rebase: update go-ceph to v0.10.0
This commit updates the go-ceph to latest
release. More details about release at
https://github.com/ceph/go-ceph/releases/tag/v0.10.0

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-11 09:36:53 +00:00
Madhu Rajanna
fb7dc13dfe rebase: update packages in go.mod to latest releases
updated few packages in go.mod to latest
available release.

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2021-06-04 11:52:22 +00:00
Humble Chirammal
78211b694b build: update client-go and other kube dependencies to 1.20.6
client-go 1.20.6 has a fix for below CVE: This patch address this
via updating client-go and other dependencies.

CVE-2019-11250 : The MITRE CVE dictionary describes this issue as:

The Kubernetes client-go library logs request headers at verbosity
levels of 7 or higher. This can disclose credentials to unauthorized
users via logs or command output. Kubernetes components (such as
kube-apiserver) prior to v1.16.0, which make use of basic or bearer
token authentication, and run at high verbosity levels, are affected.

Ref# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11250

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
2021-05-26 09:14:10 +00:00