OES Release Notes for Spinnaker Version v1.30.1
OSS Spinnaker reference
The images are forked out of OSS Spinnaker 1.30.1
The halyard version is forked out of Halyard Commits except for the following two auto bump commits
https://github.com/spinnaker/halyard/commit/397efbf2f71d3deca8db3667ef3f287c392c 9097 https://github.com/spinnaker/halyard/commit/c01d64838569d6a8c651130d0bc1e65de7 13cc93
Releases
The following are the releases made in OES for Spinnaker version prior to v1.33.3
OES 1.30.1.20240301 - Patch 1 (18 June 2024)
Fixed Issues
Pipeline payload gets skipped if expected artifact ID is not found.
Refer OES 1.30.1.20240300 (29 March 2024) for details on the main release.
OES 1.30.1.20240300 (29 March 2024)
Fixed Issues
The following CVEs are fixed in this release:
CVE | Package | Severity |
CVE-2024-1597 | org.postgresql:postgresql | Critical |
CVE-2015-8549 | PyAMF | High |
CVE-2016-10745 | Jinja2 | High |
CVE-2019-10906 | Jinja2 | High |
CVE-2023-31582 | org.bitbucket.b_c:jose4j | High |
CVE-2023-3635 | com.squareup.okio:okio-jvm | High |
CVE-2023-39017 | quartz | High |
CVE-2023-46589 | org.apache.tomcat.embed:tomcat-embed-core | High |
CVE-2023-44487 | org.apache.tomcat.embed:tomcat-embed-core | High |
CVE-2023-49569 | http://github.com/go-git/go-git/v5 | High |
February 2024
Fixed Issues
Fixable CRITICAL and HIGH CVEs are fixed.
Fixed the failing UT cases in CloudDriver, Gate, and Kork.
Fixed the issue of clouddriver not getting ready for more than 1300 Kubernetes accounts.
Fixed failing test cases in SQL core module.
Default profiles not effective resulting in “APPLICATION FAILED TO START" error's CloudDriver, Echo, Igor, and Gate.
Fixed Default profiles issue of the CloudDriver image with AWS component.
Fixed the Docker accounts not loading issue by removing docker related configuration in clouddriver.yml
Fixed the issue of Custom Stage Jobs failing with "Index -1 out of bounds for length 0".
Fixed the issue of gate service with the external Redis cache as well as spin-gate in 0/1 state with LDAP authentication.
Fixed the issue of igor crash with a large number of user roles.
Fixed the loading issue of Swagger API with updated Spring boot.
November 2023
Fixed Issues
Fixed the failing UT cases in CloudDriver, Gate, and Kork
Junit4 to Junit5 migration and fix related test cases
snakeyaml vulnerability fix
Fiat role-sync is running long due to user roles in SAML is fixed by adding rest api only for syncing unrestricted user
Additional metric requested in Igor
Spring boot version 3.0.7 > 3.0.9 upgrade
Upgrade pf4j version to 3.10.0
June 2023
Fixed Issues
FIPS compliant base image Redhat UBI8.8
Spring Boot upgraded to 3.0
springframework 3.0.6
Java upgraded to 17
SnakeYAML upgraded to version 2.0
Last updated