OIDC App Up Versioning

Upversioned the oidc-auth-apps to latest stable versions to pick up the latest CVE fixes. Images From To ------------- ------- ------- helm-charts/dex 0.18.0 0.20.0 dex v2.40.0 v2.41.1 curl 8.8.0 8.11.1 stx-oidc-client stx.9.0-v1.0.7 stx.11.0-v1.0.8 CVE report comparison CVEs CVEs Images Before Up Version After Up Version ------------------ ----------------- ---------------- ghcr.io/dexidp/dex 23 11 curl 14 0 stx-oidc-client 49 2 Test Plan: PASS: Build an master ISO without the the changes. PASS: Build an master ISO with the the changes. PASS: Deploy a SX and a DX system. PASS: The test plan was performed for all kubernetes version available into the image: 1.24.4, 1.25.3, 1.26.1, 1.27.5, 1.28.4, 1.29.2(Default), 1.30.6 PASS: Apply & Test procedure: - Apply oidc-auth-apps acording 'Set up OIDC Auth Applications' guide. The oidc-auth-apps should be applied successfully. - Once oidc-auth-apps in applied status, perform oidc-auth-apps test by creating a user, apply rolebiding and authenticate it using oidc-auth command, check if the new user can send k8s commands based on its roles. - Authenticate using the Remote CLI method, should work. - Authenticate using the WEB Method by accessing the url https://<OAM_IP>:30555, you should be served with a webpage and be able to authenticate through oidc as well. PASS: Update test: - Do the test case 'Apply & Test procedure' to the previous oidc-auth-apps version. - Build oidc-auth-apps tarball with the changes. - Consindering the old oidc-auth-apps in apply state. update the current oidc-auth-apps using the command: system application-update oidc-auth-apps-<version>.tgz. The oidc-auth-apps should be applied automatically. PASS: Installation from scratch: - Remove & delete the oidc-auth-apps with the command: system application-remove oidc-auth-apps and system application-delete oidc-auth-apps - Install from scratch oidc-auth-apps-<version>.tgz using the command: system application-upload oidc-auth-apps-<version>.tgz - Redo the test case 'Apply & Test procedure'. PASS: Full deploy test: - Build an ISO with the changes. - Deploy a system. - Do the test case 'Apply & Test procedure'. The new oidc-auth-apps should be applied successfully. Story: 2011328 Task: 51664 Depends-On: https://review.opendev.org/c/starlingx/helm-charts/+/940380 Change-Id: Ib272e18aabe330988b61f7554aa2787a9caaee7c Signed-off-by: Joaci Morais <joaci.demorais@windriver.com>
2025-01-29 10:59:36 -03:00
parent 30c54951ce
commit ce5d7f5a42
4 changed files with 14 additions and 8 deletions
--- a/helm-charts/custom/oidc-client-helm/oidc-client-helm/oidc-client/values.yaml
+++ b/helm-charts/custom/oidc-client-helm/oidc-client-helm/oidc-client/values.yaml
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2020-2024 Wind River Systems, Inc.
+# Copyright (c) 2020-2025 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -14,7 +14,7 @@ tlsName: local-dex.tls

 image:
  repository: docker.io/starlingx/stx-oidc-client
-  tag: stx.9.0-v1.0.7
+  tag: stx.11.0-v1.0.8
  pullPolicy: IfNotPresent

 nameOverride: ""
--- a/helm-charts/upstream/dexidp-helm/debian/deb_folder/changelog
+++ b/helm-charts/upstream/dexidp-helm/debian/deb_folder/changelog
@@ -1,3 +1,9 @@
+dexidp-helm (0.20-0) unstable; urgency=medium
+
+  * Upgrade of wrapped dexidp v0.20.0
+
+ --  Joaci Morais <joaci.demorais@windriver.com>  Wed, 29 Jan 2025 10:46:00 +0000
+
 dexidp-helm (0.18-0) unstable; urgency=medium

  * Upgrade of wrapped dexidp v0.18.0
--- a/helm-charts/upstream/dexidp-helm/debian/meta_data.yaml
+++ b/helm-charts/upstream/dexidp-helm/debian/meta_data.yaml
@@ -1,10 +1,10 @@
 ---
 debname: dexidp-helm
-debver: 0.18-0
+debver: 0.20-0
 dl_path:
-  name: dex-0.18.0.tgz
-  url: https://github.com/dexidp/helm-charts/releases/download/dex-0.18.0/dex-0.18.0.tgz
-  sha256sum: 296b24a9a461295874d244af55b594679bb3fb6b9f408fa874066bf5d956fb0b
+  name: dex-0.20.0.tgz
+  url: https://github.com/dexidp/helm-charts/releases/download/dex-0.20.0/dex-0.20.0.tgz
+  sha256sum: e02d370406665e36c3399867895f08a2f30ee6265923e4d75eed4b8d5a85c9ff
 src_files:
  - dexidp-helm/files/Makefile
 revision:
--- a/stx-oidc-auth-helm/stx-oidc-auth-helm/fluxcd-manifests/dex/dex-static-overrides.yaml
+++ b/stx-oidc-auth-helm/stx-oidc-auth-helm/fluxcd-manifests/dex/dex-static-overrides.yaml
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2022-2024 Wind River Systems, Inc.
+# Copyright (c) 2022-2025 Wind River Systems, Inc.
 #
 # SPDX-License-Identifier: Apache-2.0
 #
@@ -7,7 +7,7 @@
 image:
  repository: ghcr.io/dexidp/dex
  pullPolicy: IfNotPresent
-  tag: v2.40.0
+  tag: v2.41.1
 imagePullSecrets:
  - name: default-registry-key
 env: