Skip to content

Commit

Permalink
Updates 23092022 (#83)
Browse files Browse the repository at this point in the history
* Package updates 23-09-2022

* Bump version: 1.1.11 → 1.1.12

* Update the python image

A vulnerability has been detected in the current image, therefore updating the image to the latest one in hope that it would fix this.

* Update the vulnerabilities exceptions list

The image update did not fix the issue, the vulnerability applies to XML so does not affect us, adding it to the exception list.

* Update dependencies 28/09/2022
  • Loading branch information
DawidDlubek-TomTom authored Sep 28, 2022
1 parent 4a7fb2d commit 487a9f3
Show file tree
Hide file tree
Showing 6 changed files with 17 additions and 21 deletions.
2 changes: 1 addition & 1 deletion .bumpversion.cfg
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
[bumpversion]
current_version = 1.1.11
current_version = 1.1.12
commit = True
tag = False
message = Bump version: {current_version} → {new_version}
Expand Down
3 changes: 1 addition & 2 deletions .github/containerscan/allowedlist.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
general:
vulnerabilities:
- CVE-2022-37434
- CVE-2021-46828
- CVE-2022-40674
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ on:
workflow_dispatch:

env:
VERSION: 1.1.11
VERSION: 1.1.12

jobs:
release:
Expand Down
4 changes: 2 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
FROM python:3.10.6-alpine3.16 as builder
FROM python:3.10.7-alpine3.16 as builder

COPY . /build

WORKDIR /build

RUN python -m venv /venv && /venv/bin/pip --no-cache-dir install .

FROM python:3.10.5-alpine3.16
FROM python:3.10.7-alpine3.16

RUN addgroup exporter && adduser --system --no-create-home --shell /bin/false --ingroup exporter exporter
USER exporter
Expand Down
25 changes: 11 additions & 14 deletions poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion pyproject.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[tool.poetry]
name = "vault-assessment-prometheus-exporter"
version = "1.1.11"
version = "1.1.12"
description = "Prometheus exporter to monitor custom metadata for KV2 secrets for (self-imposed) expiration."
authors = ["Eugene Davis <[email protected]>"]
readme = "README.md"
Expand Down

0 comments on commit 487a9f3

Please sign in to comment.