Commit released Helm Chart and docs for TrueCharts

Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
TrueCharts-Bot 2021-12-20 17:59:30 +00:00
parent d9922d6113
commit 567b2242f3
35 changed files with 389 additions and 97 deletions

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="prometheus-1.1.26"></a>
### [prometheus-1.1.26](https://github.com/truecharts/apps/compare/prometheus-1.1.25...prometheus-1.1.26) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="prometheus-1.1.25"></a>
### [prometheus-1.1.25](https://github.com/truecharts/apps/compare/prometheus-1.1.24...prometheus-1.1.25) (2021-12-20)

View File

@ -317,7 +317,7 @@ You will, however, be able to use all values referenced in the common chart here
| prometheus.volumes | list | `[]` | |
| prometheus.walCompression | bool | `false` | |
| prometheusImage.repository | string | `"tccr.io/truecharts/prometheus"` | |
| prometheusImage.tag | string | `"v2.32.1@sha256:4f9d5b933b1576a91d857c1289c350e3ba0d67928d4a86d0fc62d16c28ed19f0"` | |
| prometheusImage.tag | string | `"v2.32.1@sha256:98e8a2e885ae6b8b9625fc0c987d30b5040ce921f46af2f7ba70c2edb42b4eee"` | |
| rbac | object | `{"enabled":true,"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["create"]},{"apiGroups":["apiextensions.k8s.io"],"resourceNames":["alertmanagers.monitoring.coreos.com","podmonitors.monitoring.coreos.com","prometheuses.monitoring.coreos.com","prometheusrules.monitoring.coreos.com","servicemonitors.monitoring.coreos.com","thanosrulers.monitoring.coreos.com","probes.monitoring.coreos.com"],"resources":["customresourcedefinitions"],"verbs":["get","update"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","alertmanagers/finalizers","alertmanagerconfigs","prometheuses","prometheuses/finalizers","thanosrulers","thanosrulers/finalizers","servicemonitors","podmonitors","probes","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","services/finalizers","endpoints"],"verbs":["get","create","update","delete"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["get","list","watch"]},{"apiGroups":["networking.k8s.io"],"resources":["ingresses"],"verbs":["get","list","watch"]}]}` | Whether Role Based Access Control objects like roles and rolebindings should be created |
| securityContext.readOnlyRootFilesystem | bool | `false` | |
| service.alertmanager.enabled | bool | `true` | |

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="omada-controller-4.0.36"></a>
### [omada-controller-4.0.36](https://github.com/truecharts/apps/compare/omada-controller-4.0.35...omada-controller-4.0.36) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="omada-controller-4.0.35"></a>
### [omada-controller-4.0.35](https://github.com/truecharts/apps/compare/omada-controller-4.0.34...omada-controller-4.0.35) (2021-12-19)

View File

@ -15,7 +15,7 @@ You will, however, be able to use all values referenced in the common chart here
| env.TZ | string | `"UTC"` | Set the container timezone |
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| image.repository | string | `"tccr.io/truecharts/omada-controller"` | image repository |
| image.tag | string | `"v4.4@sha256:86ca3f429fd54411b9d0727453fcb4b02079cdf388a90b2051e4c1b7c51d88f6"` | image tag |
| image.tag | string | `"v4.4@sha256:f4606fad1759210d5082d824f00c5fb89ff6ece428934fa23bda7605f2a7c0b3"` | image tag |
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
| podSecurityContext.runAsGroup | int | `0` | |
| podSecurityContext.runAsUser | int | `0` | |

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="bazarr-9.0.28"></a>
### [bazarr-9.0.28](https://github.com/truecharts/apps/compare/bazarr-9.0.27...bazarr-9.0.28) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="bazarr-9.0.27"></a>
### [bazarr-9.0.27](https://github.com/truecharts/apps/compare/bazarr-9.0.26...bazarr-9.0.27) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/bazarr"` | |
| image.tag | string | `"v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e"` | |
| image.tag | string | `"v1.0.1@sha256:7688d7ee3c2bf867cbfc9994a43e64ba65692ea6e93c23a11877bc686fd2e608"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| service.main.ports.main.port | int | `6767` | |

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,11 @@
# Changelog<br>
<a name="emulatorjs-0.0.8"></a>
### [emulatorjs-0.0.8](https://github.com/truecharts/apps/compare/emulatorjs-0.0.7...emulatorjs-0.0.8) (2021-12-20)
<a name="emulatorjs-0.0.7"></a>
### [emulatorjs-0.0.7](https://github.com/truecharts/apps/compare/emulatorjs-0.0.6...emulatorjs-0.0.7) (2021-12-19)

View File

@ -20,6 +20,7 @@ You will, however, be able to use all values referenced in the common chart here
| persistence.varrun.enabled | bool | `true` | |
| podSecurityContext.runAsGroup | int | `0` | |
| podSecurityContext.runAsUser | int | `0` | |
| securityContext.readOnlyRootFilesystem | bool | `false` | |
| securityContext.runAsNonRoot | bool | `false` | |
| service.front.enabled | bool | `true` | |
| service.front.ports.front.enabled | bool | `true` | |

View File

@ -21,6 +21,7 @@ hide:
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV013 | Image tag &#39;:latest&#39; used | LOW | <details><summary>Expand...</summary> It is best to avoid using the &#39;:latest&#39; image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify an image tag </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/configuration/overview/#container-images">https://kubernetes.io/docs/concepts/configuration/overview/#container-images</a><br><a href="https://avd.aquasec.com/appshield/ksv013">https://avd.aquasec.com/appshield/ksv013</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="lazylibrarian-9.0.34"></a>
### [lazylibrarian-9.0.34](https://github.com/truecharts/apps/compare/lazylibrarian-9.0.33...lazylibrarian-9.0.34) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="lazylibrarian-9.0.33"></a>
### [lazylibrarian-9.0.33](https://github.com/truecharts/apps/compare/lazylibrarian-9.0.32...lazylibrarian-9.0.33) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/lazylibrarian"` | |
| image.tag | string | `"latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35"` | |
| image.tag | string | `"latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| persistence.varrun.enabled | bool | `true` | |

View File

@ -36,7 +36,7 @@ hide:
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/lazylibrarian:latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35
tccr.io/truecharts/lazylibrarian:latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65
##### Scan Results
@ -73,7 +73,7 @@ hide:
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
#### Container: tccr.io/truecharts/lazylibrarian:latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35 (ubuntu 18.04)
#### Container: tccr.io/truecharts/lazylibrarian:latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65 (ubuntu 18.04)
**ubuntu**

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="sonarr-9.0.27"></a>
### [sonarr-9.0.27](https://github.com/truecharts/apps/compare/sonarr-9.0.26...sonarr-9.0.27) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="sonarr-9.0.26"></a>
### [sonarr-9.0.26](https://github.com/truecharts/apps/compare/sonarr-9.0.25...sonarr-9.0.26) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/sonarr"` | |
| image.tag | string | `"v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6"` | |
| image.tag | string | `"v3.0.6.1342@sha256:6a0f45517f706c877d7b5ae0605decf4993d7312920952aa7509b4cb003c137a"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| probes.liveness.custom | bool | `true` | |

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="prometheus-1.1.26"></a>
### [prometheus-1.1.26](https://github.com/truecharts/apps/compare/prometheus-1.1.25...prometheus-1.1.26) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="prometheus-1.1.25"></a>
### [prometheus-1.1.25](https://github.com/truecharts/apps/compare/prometheus-1.1.24...prometheus-1.1.25) (2021-12-20)

View File

@ -317,7 +317,7 @@ You will, however, be able to use all values referenced in the common chart here
| prometheus.volumes | list | `[]` | |
| prometheus.walCompression | bool | `false` | |
| prometheusImage.repository | string | `"tccr.io/truecharts/prometheus"` | |
| prometheusImage.tag | string | `"v2.32.1@sha256:4f9d5b933b1576a91d857c1289c350e3ba0d67928d4a86d0fc62d16c28ed19f0"` | |
| prometheusImage.tag | string | `"v2.32.1@sha256:98e8a2e885ae6b8b9625fc0c987d30b5040ce921f46af2f7ba70c2edb42b4eee"` | |
| rbac | object | `{"enabled":true,"rules":[{"apiGroups":["apiextensions.k8s.io"],"resources":["customresourcedefinitions"],"verbs":["create"]},{"apiGroups":["apiextensions.k8s.io"],"resourceNames":["alertmanagers.monitoring.coreos.com","podmonitors.monitoring.coreos.com","prometheuses.monitoring.coreos.com","prometheusrules.monitoring.coreos.com","servicemonitors.monitoring.coreos.com","thanosrulers.monitoring.coreos.com","probes.monitoring.coreos.com"],"resources":["customresourcedefinitions"],"verbs":["get","update"]},{"apiGroups":["monitoring.coreos.com"],"resources":["alertmanagers","alertmanagers/finalizers","alertmanagerconfigs","prometheuses","prometheuses/finalizers","thanosrulers","thanosrulers/finalizers","servicemonitors","podmonitors","probes","prometheusrules"],"verbs":["*"]},{"apiGroups":["apps"],"resources":["statefulsets"],"verbs":["*"]},{"apiGroups":[""],"resources":["configmaps","secrets"],"verbs":["*"]},{"apiGroups":[""],"resources":["pods"],"verbs":["list","delete"]},{"apiGroups":[""],"resources":["services","services/finalizers","endpoints"],"verbs":["get","create","update","delete"]},{"apiGroups":[""],"resources":["nodes"],"verbs":["list","watch"]},{"apiGroups":[""],"resources":["namespaces"],"verbs":["get","list","watch"]},{"apiGroups":["networking.k8s.io"],"resources":["ingresses"],"verbs":["get","list","watch"]}]}` | Whether Role Based Access Control objects like roles and rolebindings should be created |
| securityContext.readOnlyRootFilesystem | bool | `false` | |
| service.alertmanager.enabled | bool | `true` | |

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="omada-controller-4.0.36"></a>
### [omada-controller-4.0.36](https://github.com/truecharts/apps/compare/omada-controller-4.0.35...omada-controller-4.0.36) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="omada-controller-4.0.35"></a>
### [omada-controller-4.0.35](https://github.com/truecharts/apps/compare/omada-controller-4.0.34...omada-controller-4.0.35) (2021-12-19)

View File

@ -15,7 +15,7 @@ You will, however, be able to use all values referenced in the common chart here
| env.TZ | string | `"UTC"` | Set the container timezone |
| image.pullPolicy | string | `"IfNotPresent"` | image pull policy |
| image.repository | string | `"tccr.io/truecharts/omada-controller"` | image repository |
| image.tag | string | `"v4.4@sha256:86ca3f429fd54411b9d0727453fcb4b02079cdf388a90b2051e4c1b7c51d88f6"` | image tag |
| image.tag | string | `"v4.4@sha256:f4606fad1759210d5082d824f00c5fb89ff6ece428934fa23bda7605f2a7c0b3"` | image tag |
| persistence | object | See values.yaml | Configure persistence settings for the chart under this key. |
| podSecurityContext.runAsGroup | int | `0` | |
| podSecurityContext.runAsUser | int | `0` | |

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="bazarr-9.0.28"></a>
### [bazarr-9.0.28](https://github.com/truecharts/apps/compare/bazarr-9.0.27...bazarr-9.0.28) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="bazarr-9.0.27"></a>
### [bazarr-9.0.27](https://github.com/truecharts/apps/compare/bazarr-9.0.26...bazarr-9.0.27) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/bazarr"` | |
| image.tag | string | `"v1.0.1@sha256:b6d3d33d3f964e4de7563096f07476f9f2c990f2268e1f9814d3281c3181111e"` | |
| image.tag | string | `"v1.0.1@sha256:7688d7ee3c2bf867cbfc9994a43e64ba65692ea6e93c23a11877bc686fd2e608"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| service.main.ports.main.port | int | `6767` | |

File diff suppressed because one or more lines are too long

View File

@ -1,6 +1,11 @@
# Changelog<br>
<a name="emulatorjs-0.0.8"></a>
### [emulatorjs-0.0.8](https://github.com/truecharts/apps/compare/emulatorjs-0.0.7...emulatorjs-0.0.8) (2021-12-20)
<a name="emulatorjs-0.0.7"></a>
### [emulatorjs-0.0.7](https://github.com/truecharts/apps/compare/emulatorjs-0.0.6...emulatorjs-0.0.7) (2021-12-19)

View File

@ -20,6 +20,7 @@ You will, however, be able to use all values referenced in the common chart here
| persistence.varrun.enabled | bool | `true` | |
| podSecurityContext.runAsGroup | int | `0` | |
| podSecurityContext.runAsUser | int | `0` | |
| securityContext.readOnlyRootFilesystem | bool | `false` | |
| securityContext.runAsNonRoot | bool | `false` | |
| service.front.enabled | bool | `true` | |
| service.front.ports.front.enabled | bool | `true` | |

View File

@ -21,6 +21,7 @@ hide:
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM | <details><summary>Expand...</summary> &#39;runAsNonRoot&#39; forces the running image to run as a non-root user to ensure least privileges. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.runAsNonRoot&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted">https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted</a><br><a href="https://avd.aquasec.com/appshield/ksv012">https://avd.aquasec.com/appshield/ksv012</a><br></details> |
| Kubernetes Security Check | KSV013 | Image tag &#39;:latest&#39; used | LOW | <details><summary>Expand...</summary> It is best to avoid using the &#39;:latest&#39; image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify an image tag </details>| <details><summary>Expand...</summary><a href="https://kubernetes.io/docs/concepts/configuration/overview/#container-images">https://kubernetes.io/docs/concepts/configuration/overview/#container-images</a><br><a href="https://avd.aquasec.com/appshield/ksv013">https://avd.aquasec.com/appshield/ksv013</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW | <details><summary>Expand...</summary> An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should set &#39;securityContext.readOnlyRootFilesystem&#39; to true </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/">https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/</a><br><a href="https://avd.aquasec.com/appshield/ksv014">https://avd.aquasec.com/appshield/ksv014</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;RELEASE-NAME-emulatorjs&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |
| Kubernetes Security Check | KSV019 | Seccomp policies disabled | MEDIUM | <details><summary>Expand...</summary> A program inside the container can bypass Seccomp protection policies. <br> <hr> <br> Container &#39;autopermissions&#39; of Deployment &#39;RELEASE-NAME-emulatorjs&#39; should specify a seccomp profile </details>| <details><summary>Expand...</summary><a href="https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/">https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/</a><br><a href="https://avd.aquasec.com/appshield/ksv019">https://avd.aquasec.com/appshield/ksv019</a><br></details> |

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="lazylibrarian-9.0.34"></a>
### [lazylibrarian-9.0.34](https://github.com/truecharts/apps/compare/lazylibrarian-9.0.33...lazylibrarian-9.0.34) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="lazylibrarian-9.0.33"></a>
### [lazylibrarian-9.0.33](https://github.com/truecharts/apps/compare/lazylibrarian-9.0.32...lazylibrarian-9.0.33) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/lazylibrarian"` | |
| image.tag | string | `"latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35"` | |
| image.tag | string | `"latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| persistence.varrun.enabled | bool | `true` | |

View File

@ -36,7 +36,7 @@ hide:
##### Detected Containers
tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
tccr.io/truecharts/lazylibrarian:latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35
tccr.io/truecharts/lazylibrarian:latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65
##### Scan Results
@ -73,7 +73,7 @@ hide:
| ssl_client | CVE-2021-42375 | MEDIUM | 1.33.1-r3 | 1.33.1-r5 | <details><summary>Expand...</summary><a href="https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/">https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/</a><br><a href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/">https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/</a><br></details> |
#### Container: tccr.io/truecharts/lazylibrarian:latest@sha256:615afa736606cf0c3059ba357722d0aebfc7fd96891c8f3b44480ab6216a7f35 (ubuntu 18.04)
#### Container: tccr.io/truecharts/lazylibrarian:latest@sha256:5f480dbc9b63036a8ff59295398a60e5c02c403cebed7d429a51b651e1ed8b65 (ubuntu 18.04)
**ubuntu**

View File

@ -1,6 +1,15 @@
# Changelog<br>
<a name="sonarr-9.0.27"></a>
### [sonarr-9.0.27](https://github.com/truecharts/apps/compare/sonarr-9.0.26...sonarr-9.0.27) (2021-12-20)
#### Chore
* update docker general non-major ([#1589](https://github.com/truecharts/apps/issues/1589))
<a name="sonarr-9.0.26"></a>
### [sonarr-9.0.26](https://github.com/truecharts/apps/compare/sonarr-9.0.25...sonarr-9.0.26) (2021-12-19)

View File

@ -14,7 +14,7 @@ You will, however, be able to use all values referenced in the common chart here
| env | object | `{}` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"tccr.io/truecharts/sonarr"` | |
| image.tag | string | `"v3.0.6.1342@sha256:245800dc1c4304f8121bf0d3e5dda4251eb613b0dfe20e5975ceb9f88eaba8e6"` | |
| image.tag | string | `"v3.0.6.1342@sha256:6a0f45517f706c877d7b5ae0605decf4993d7312920952aa7509b4cb003c137a"` | |
| persistence.config.enabled | bool | `true` | |
| persistence.config.mountPath | string | `"/config"` | |
| probes.liveness.custom | bool | `true` | |

File diff suppressed because one or more lines are too long

View File

@ -1196,6 +1196,43 @@ entries:
- https://github.com/truecharts/apps/releases/download/babybuddy-5.0.16/babybuddy-5.0.16.tgz
version: 5.0.16
bazarr:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- media
truecharts.org/grade: U
apiVersion: v2
appVersion: 1.0.1
created: "2021-12-20T17:59:28.62539634Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
description: Bazarr is a companion application to Sonarr and Radarr. It manages
and downloads subtitles based on your requirements
digest: de53cf7a8d95f693c9b90568b5df63c26ea7864456fcb3f761763ae608019f77
home: https://github.com/truecharts/apps/tree/master/charts/stable/bazarr
icon: https://truecharts.org/_static/img/appicons/bazarr-icon.png
keywords:
- bazarr
- radarr
- sonarr
- subtitles
- usenet
- torrent
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: bazarr
sources:
- https://github.com/morpheus65535/bazarr
- https://hub.docker.com/r/linuxserver/bazarr
type: application
urls:
- https://github.com/truecharts/apps/releases/download/bazarr-9.0.28/bazarr-9.0.28.tgz
version: 9.0.28
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -6173,6 +6210,37 @@ entries:
- https://github.com/truecharts/apps/releases/download/embystat-0.0.1/embystat-0.0.1.tgz
version: 0.0.1
emulatorjs:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- incubator
truecharts.org/grade: U
apiVersion: v2
appVersion: 1.4.2
created: "2021-12-20T17:59:28.835310542Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
description: Emulatorjs - In browser web based emulation portable to nearly any
device for many retro consoles.
digest: 5feafef5bbc8b4bd3d78f3a8bc3ceee694612e6b09e49cbd47d7acb61803e32c
home: https://github.com/truecharts/apps/tree/master/charts/stable/emulatorjs
icon: https://truecharts.org/_static/img/appicons/emulatorjs-icon.png
keywords:
- emulatorjs
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: emulatorjs
sources:
- https://hub.docker.com/r/linuxserver/emulatorjs
type: application
urls:
- https://github.com/truecharts/apps/releases/download/emulatorjs-0.0.8/emulatorjs-0.0.8.tgz
version: 0.0.8
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -13196,6 +13264,38 @@ entries:
- https://github.com/truecharts/apps/releases/download/komga-4.0.24/komga-4.0.24.tgz
version: 4.0.24
lazylibrarian:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- media
truecharts.org/grade: U
apiVersion: v2
appVersion: latest
created: "2021-12-20T17:59:29.038072203Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
description: Get all your books, like series with Sonarr...
digest: f30af3ac6dbebf6128f799fea7ca6a87548d039dae1b1b1d35df4677a7a7c9d2
home: https://github.com/truecharts/apps/tree/master/charts/stable/lazylibrarian
icon: https://truecharts.org/_static/img/appicons/lazylibrarian-icon.png
keywords:
- lazylibrarian
- ebooks
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: lazylibrarian
sources:
- https://gitlab.com/LazyLibrarian/LazyLibrarian.git
- https://lazylibrarian.gitlab.io
type: application
urls:
- https://github.com/truecharts/apps/releases/download/lazylibrarian-9.0.34/lazylibrarian-9.0.34.tgz
version: 9.0.34
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -18894,6 +18994,36 @@ entries:
- https://github.com/truecharts/apps/releases/download/odoo-4.0.12/odoo-4.0.12.tgz
version: 4.0.12
omada-controller:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- media
truecharts.org/grade: U
apiVersion: v2
appVersion: "4.4"
created: "2021-12-20T17:59:29.24188867Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
description: Omada is a SDN tool for TP-Link Omada hardware
digest: 1d9f240a38440326cf72807be11975b1b5cf9d86d38bf53c368967173c023de3
home: https://github.com/truechartsapps/tree/master/charts/stable/omada-controller
icon: https://truecharts.org/_static/img/appicons/omada-controller-icon.png
keywords:
- omada-controller
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: omada-controller
sources:
- https://github.com/mbentley/docker-omada-controller
- https://github.com/truechartsapps/tree/master/charts/omada-controller
urls:
- https://github.com/truecharts/apps/releases/download/omada-controller-4.0.36/omada-controller-4.0.36.tgz
version: 4.0.36
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -23297,6 +23427,48 @@ entries:
- https://github.com/truecharts/apps/releases/download/promcord-2.0.0/promcord-2.0.0.tgz
version: 2.0.0
prometheus:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- metrics
truecharts.org/grade: U
apiVersion: v2
appVersion: 0.53.0
created: "2021-12-20T17:59:29.475112205Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
- condition: exporters.enabled,exporters.node-exporter.enabled
name: node-exporter
repository: https://charts.bitnami.com/bitnami
version: 2.3.17
- condition: exporters.enabled,exporters.kube-state-metrics.enabled
name: kube-state-metrics
repository: https://charts.bitnami.com/bitnami
version: 2.1.19
description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards,
and Prometheus rules combined with documentation and scripts to provide easy
to operate end-to-end Kubernetes cluster monitoring with Prometheus using the
Prometheus Operator.
digest: 0d067238dd1d20441a5209abf3c5c7769ae0d3abeff79c1d0045f2a0aeb20e85
home: https://github.com/truecharts/apps/tree/master/charts/stable/prometheus
icon: https://truecharts.org/_static/img/appicons/prometheus-icon.png
keywords:
- metrics
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: prometheus
sources:
- https://github.com/prometheus-community/helm-charts
- https://github.com/prometheus-operator/kube-prometheus
type: application
urls:
- https://github.com/truecharts/apps/releases/download/prometheus-1.1.26/prometheus-1.1.26.tgz
version: 1.1.26
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -27918,6 +28090,38 @@ entries:
- https://github.com/truecharts/apps/releases/download/snipe-it-0.0.11/snipe-it-0.0.11.tgz
version: 0.0.11
sonarr:
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
- media
truecharts.org/grade: U
apiVersion: v2
appVersion: 3.0.6.1342
created: "2021-12-20T17:59:29.680116279Z"
dependencies:
- name: common
repository: https://truecharts.org
version: 8.9.24
description: Smart PVR for newsgroup and bittorrent users
digest: a7f9a5818f7ebc5a188888b1b288eb29eac8a4d2af15f2eed9da04f27eaadf9c
home: https://github.com/truecharts/apps/tree/master/charts/stable/sonarr
icon: https://truecharts.org/_static/img/appicons/sonarr-icon.png
keywords:
- sonarr
- torrent
- usenet
kubeVersion: '>=1.16.0-0'
maintainers:
- email: info@truecharts.org
name: TrueCharts
url: https://truecharts.org
name: sonarr
sources:
- https://github.com/Sonarr/Sonarr
type: application
urls:
- https://github.com/truecharts/apps/releases/download/sonarr-9.0.27/sonarr-9.0.27.tgz
version: 9.0.27
- annotations:
truecharts.org/SCALE-support: "true"
truecharts.org/catagories: |
@ -33035,4 +33239,4 @@ entries:
urls:
- https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.24/zwavejs2mqtt-9.0.24.tgz
version: 9.0.24
generated: "2021-12-20T13:22:23.642396399Z"
generated: "2021-12-20T17:59:29.682387392Z"