diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 6be1abc9..e3963ac2 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -48,7 +48,7 @@ jobs: docker-archive:${{ steps.artifact.outputs.base_artifact_name }} \ docker-daemon:trivy/charmed-spark:test - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@0.28.0 with: image-ref: 'trivy/charmed-spark:test' format: 'sarif' @@ -63,7 +63,7 @@ jobs: ref: ${{ inputs.branch }} - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph - uses: aquasecurity/trivy-action@0.20.0 + uses: aquasecurity/trivy-action@0.28.0 with: scan-type: 'image' format: 'spdx-json' diff --git a/images/charmed-spark/rockcraft.yaml b/images/charmed-spark/rockcraft.yaml index 7588d666..dced41d3 100644 --- a/images/charmed-spark/rockcraft.yaml +++ b/images/charmed-spark/rockcraft.yaml @@ -100,11 +100,11 @@ parts: ICEBERG_VERSION='1.4.3' SPARK_METRICS_VERSION='3.4-1.0.2' SERVLET_FILTERS_VERSION='0.0.1' - PROMETHEUS_JMX_EXPORTER_VERSION='0.20.0' + PROMETHEUS_JMX_EXPORTER_VERSION='0.15.0' SHA1SUM_ICEBERG_JAR='48d553e4e5496f731b9e0e6adb5bc0fd040cb0df' SHA512SUM_SPARK_METRICS_ASSEMBLY_JAR='9be728c3bda6a8e9db77452f416bc23245271a5db2da64557429352917c0772801ead19f3b1a33f955ec2eced3cb952c6c3a7c617cdeb4389cd17284f3c711f7' SHA512SUM_SPARK_SERVLET_FILTER_JAR='ffeb809d58ef0151d513b09d4c2bfd5cc064b0b888ca45899687aed2f42bcb1ce9834be9709290dd70bd9df84049f02cbbff6c2d5ec3c136c278c93f167c8096' - SHA1SUM_PROMETHEUS_JMX_EXPORTER='7b8a98e3482cee8889698ef391b85c47a3c4ce5b' + SHA1SUM_PROMETHEUS_JMX_EXPORTER='a1061f29088ac2709da076a97736de575a872538' JARS=( "https://repo1.maven.org/maven2/org/apache/iceberg/iceberg-spark-runtime-${ICEBERG_SPARK_RUNTIME_VERSION}/LIB_VERSION/iceberg-spark-runtime-${ICEBERG_SPARK_RUNTIME_VERSION}-LIB_VERSION.jar $ICEBERG_VERSION sha1sum $SHA1SUM_ICEBERG_JAR"