From 827c3abc7ad28c2d145571153273dae9d9ae0acc Mon Sep 17 00:00:00 2001
From: Paolo Sottovia
Date: Tue, 12 Nov 2024 11:22:05 +0000
Subject: [PATCH 1/2] Downgrade jmx lib to avoid conflict with spark-metrics
---
 images/charmed-spark/rockcraft.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/images/charmed-spark/rockcraft.yaml b/images/charmed-spark/rockcraft.yaml
index 7588d666..dced41d3 100644
--- a/images/charmed-spark/rockcraft.yaml
+++ b/images/charmed-spark/rockcraft.yaml
@@ -100,11 +100,11 @@ parts:
 ICEBERG_VERSION='1.4.3'
 SPARK_METRICS_VERSION='3.4-1.0.2'
 SERVLET_FILTERS_VERSION='0.0.1'
- PROMETHEUS_JMX_EXPORTER_VERSION='0.20.0'
+ PROMETHEUS_JMX_EXPORTER_VERSION='0.15.0'
 SHA1SUM_ICEBERG_JAR='48d553e4e5496f731b9e0e6adb5bc0fd040cb0df'
 SHA512SUM_SPARK_METRICS_ASSEMBLY_JAR='9be728c3bda6a8e9db77452f416bc23245271a5db2da64557429352917c0772801ead19f3b1a33f955ec2eced3cb952c6c3a7c617cdeb4389cd17284f3c711f7'
 SHA512SUM_SPARK_SERVLET_FILTER_JAR='ffeb809d58ef0151d513b09d4c2bfd5cc064b0b888ca45899687aed2f42bcb1ce9834be9709290dd70bd9df84049f02cbbff6c2d5ec3c136c278c93f167c8096'
- SHA1SUM_PROMETHEUS_JMX_EXPORTER='7b8a98e3482cee8889698ef391b85c47a3c4ce5b'
+ SHA1SUM_PROMETHEUS_JMX_EXPORTER='a1061f29088ac2709da076a97736de575a872538'
 JARS=(
 "https://repo1.maven.org/maven2/org/apache/iceberg/iceberg-spark-runtime-${ICEBERG_SPARK_RUNTIME_VERSION}/LIB_VERSION/iceberg-spark-runtime-${ICEBERG_SPARK_RUNTIME_VERSION}-LIB_VERSION.jar $ICEBERG_VERSION sha1sum $SHA1SUM_ICEBERG_JAR"
From 3e6670f0a85cc8c14533d82024fd55ee001ae0f2 Mon Sep 17 00:00:00 2001
From: Paolo Sottovia
Date: Tue, 12 Nov 2024 13:13:49 +0000
Subject: [PATCH 2/2] Update trivy
---
 .github/workflows/trivy.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 6be1abc9..e3963ac2 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
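Review bot: In the images/charmed-spark/rockcraft.yaml hunk the Prometheus JMX exporter jar is still verified with SHA-1 (`SHA1SUM_PROMETHEUS_JMX_EXPORTER`), while the spark-metrics and servlet-filter jars in the same block are checked with SHA-512. SHA-1 is no longer collision-resistant, so since the digest is being replaced anyway it could become `SHA512SUM_PROMETHEUS_JMX_EXPORTER='<sha512 of the 0.15.0 jar>'`, with `sha512sum` in the exporter's JARS entry, which is presumably further down the array and outside the hunk. The pin also moves the exporter back from 0.20.0 to 0.15.0, so a shell comment above it such as `# held at 0.15.0: newer releases conflict with spark-metrics` would keep a later routine bump from silently undoing it. It is worth confirming in the Trivy results for the rebuilt image that the older jar does not bring back findings that 0.20.0 had cleared.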
@@ -48,7 +48,7 @@ jobs:
 docker-archive:${{ steps.artifact.outputs.base_artifact_name }} \
 docker-daemon:trivy/charmed-spark:test
 - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@master
+ uses: aquasecurity/trivy-action@0.28.0
 with:
 image-ref: 'trivy/charmed-spark:test'
 format: 'sarif'
@@ -63,7 +63,7 @@ jobs:
 ref: ${{ inputs.branch }}
 - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
- uses: aquasecurity/trivy-action@0.20.0
+ uses: aquasecurity/trivy-action@0.28.0
 with:
 scan-type: 'image'
 format: 'spdx-json'
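Review bot: `aquasecurity/trivy-action@0.28.0` in the "Run Trivy vulnerability scanner" step is a tag, and a tag can be moved by anyone with push access to the action's repository, so the step is still not bound to immutable code. Pinning to the full commit SHA with the version kept as a trailing comment closes that gap: `uses: aquasecurity/trivy-action@<full commit SHA of 0.28.0> # 0.28.0`. The same applies to the SBOM step in the second hunk (`@@ -63,7 +63,7 @@`), which by its name submits results to the Dependency Graph and so presumably runs with a write-capable token. The workflow's `permissions` block is outside both hunks, so it is worth checking that it grants only what these two steps need.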