From 016a0f3384e1ff84c998c65c01c592193c9db02c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Tue, 10 Dec 2024 17:00:10 +0100 Subject: [PATCH] [bitnami/ghost] Detect non-standard images MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- bitnami/ghost/Chart.lock | 6 +++--- bitnami/ghost/Chart.yaml | 2 +- bitnami/ghost/README.md | 4 ++++ bitnami/ghost/templates/NOTES.txt | 2 +- bitnami/ghost/values.yaml | 5 +++++ 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/bitnami/ghost/Chart.lock b/bitnami/ghost/Chart.lock index c7c1388d84aed6..64b9bb901a4956 100644 --- a/bitnami/ghost/Chart.lock +++ b/bitnami/ghost/Chart.lock @@ -4,6 +4,6 @@ dependencies: version: 12.1.0 - name: common repository: oci://registry-1.docker.io/bitnamicharts - version: 2.27.2 -digest: sha256:f91f6cd1757515c227000ecf00f46f50451bb1665dd0f173f7cf95671b0a946a -generated: "2024-11-28T21:13:23.304292341Z" + version: 2.28.0 +digest: sha256:79dfca92b7d91dbd45d91a0652a810dcf73d69de94e5b4cd4e1147b2f853598d +generated: "2024-12-10T17:00:06.25348+01:00" diff --git a/bitnami/ghost/Chart.yaml b/bitnami/ghost/Chart.yaml index 66819ca6fbd8a3..528a6380e5f0fa 100644 --- a/bitnami/ghost/Chart.yaml +++ b/bitnami/ghost/Chart.yaml @@ -40,4 +40,4 @@ maintainers: name: ghost sources: - https://github.com/bitnami/charts/tree/main/bitnami/ghost -version: 22.0.10 +version: 22.1.0 diff --git a/bitnami/ghost/README.md b/bitnami/ghost/README.md index 0ccd7b55e04375..1ba3c7c52b84b4 100644 --- a/bitnami/ghost/README.md +++ b/bitnami/ghost/README.md @@ -483,6 +483,10 @@ Find more information about how to deal with common errors related to Bitnami's ## Upgrading +### To 22.1.0 + +This version introduces image verification for security purposes. To disable it, set `global.security.allowInsecureImages` to `true`. More details at [GitHub issue](https://github.com/bitnami/charts/issues/30850). + ### To 22.0.0 This major bump updates the MySQL subchart to version 12.0.0. This subchart updates the StatefulSet objects `serviceName` to use a headless service, as the current non-headless service attached to it was not providing DNS entries. This will cause an upgrade issue because it changes "immutable fields". To workaround it, delete the StatefulSet objects as follows (replace the RELEASE_NAME placeholder): diff --git a/bitnami/ghost/templates/NOTES.txt b/bitnami/ghost/templates/NOTES.txt index 78a4330076d6e0..7fa81b7586539f 100644 --- a/bitnami/ghost/templates/NOTES.txt +++ b/bitnami/ghost/templates/NOTES.txt @@ -146,4 +146,4 @@ host. To configure Ghost to use and external database host: {{- end -}} {{- include "common.errors.upgrade.passwords.empty" (dict "validationErrors" $passwordValidationErrors "context" $) -}} {{- include "common.warnings.resources" (dict "sections" (list "" "volumePermissions") "context" $) }} -{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image) "context" $) }} \ No newline at end of file +{{- include "common.warnings.modifiedImages" (dict "images" (list .Values.image .Values.volumePermissions.image) "context" $) }}{{- include "common.errors.insecureImages" (dict "images" (list .Values.image .Values.volumePermissions.image) "context" $) }} diff --git a/bitnami/ghost/values.yaml b/bitnami/ghost/values.yaml index 8bf4fea0a6b68a..708ea667dfc0a8 100644 --- a/bitnami/ghost/values.yaml +++ b/bitnami/ghost/values.yaml @@ -597,6 +597,11 @@ persistence: ## If undefined (the default) or set to null, no storageClassName spec is set, choosing the default provisioner ## storageClass: "" + ## Security parameters + ## + security: + ## @param global.security.allowInsecureImages Allows skipping image verification + allowInsecureImages: false ## @param persistence.annotations Additional custom annotations for the PVC ## annotations: {}