OpsMx Enterprise for Spinnaker
OpsMx Enterprise for Spinnaker (OES) is a highly scalable, secure, multi-cloud continuous delivery solution built on top of Spinnaker and helps you release software changes with high velocity and confidence. OES empowers teams to modernize their software delivery by fastening the release process, reduce risks and costs.
Compared to open source, OES has custom stages, additional plugins and features. UBI-8 (Redhat Universal Base Images) base images are used in OES thus making it more secure. Open source spinnaker is continuously monitored and the CVEs are fixed in the OES version.
OSS Spinnaker reference
The images are forked out of OSS Spinnaker 1.30.1
The halyard version is forked out of https://github.com/spinnaker/halyard/commits/v1.55.0
except for the following two auto bump commits
https://github.com/spinnaker/halyard/commit/397efbf2f71d3deca8db3667ef3f287c392c 9097 https://github.com/spinnaker/halyard/commit/c01d64838569d6a8c651130d0bc1e65de7 13cc93
Releases
The following are the releases made in OES.
OES 1.30.1.20240300 (29 March 2024)
Fixed Issues
The following CVEs are fixed in this release:
CVE | Package | Severity |
CVE-2024-1597 | org.postgresql:postgresql | Critical |
CVE-2015-8549 | PyAMF | High |
CVE-2016-10745 | Jinja2 | High |
CVE-2019-10906 | Jinja2 | High |
CVE-2023-31582 | org.bitbucket.b_c:jose4j | High |
CVE-2023-3635 | com.squareup.okio:okio-jvm | High |
CVE-2023-39017 | quartz | High |
CVE-2023-46589 | org.apache.tomcat.embed:tomcat-embed-core | High |
CVE-2023-44487 | org.apache.tomcat.embed:tomcat-embed-core | High |
CVE-2023-49569 | http://github.com/go-git/go-git/v5 | High |
February 2024
Fixed Issues
Fixable CRITICAL and HIGH CVEs are fixed.
Fixed the failing UT cases in CloudDriver, Gate, and Kork.
Fixed the issue of clouddriver not getting ready for more than 1300 Kubernetes accounts.
Fixed failing test cases in SQL core module.
Default profiles not effective resulting in “APPLICATION FAILED TO START" error's CloudDriver, Echo, Igor, and Gate.
Fixed Default profiles issue of the CloudDriver image with AWS component.
Fixed the Docker accounts not loading issue by removing docker related configuration in clouddriver.yml
Fixed the issue of Custom Stage Jobs failing with "Index -1 out of bounds for length 0".
Fixed the issue of gate service with the external Redis cache as well as spin-gate in 0/1 state with LDAP authentication.
Fixed the issue of igor crash with a large number of user roles.
Fixed the loading issue of Swagger API with updated Spring boot.
November 2023
Fixed Issues
Fixed the failing UT cases in CloudDriver, Gate, and Kork
Junit4 to Junit5 migration and fix related test cases
snakeyaml vulnerability fix
Fiat role-sync is running long due to user roles in SAML is fixed by adding rest api only for syncing unrestricted user
Additional metric requested in Igor
Spring boot version 3.0.7 > 3.0.9 upgrade
Upgrade pf4j version to 3.10.0
June 2023
Fixed Issues
FIPS compliant base image Redhat UBI8.8
Spring Boot upgraded to 3.0
springframework 3.0.6
Java upgraded to 17
SnakeYAML upgraded to version 2.0
Last updated