Update Helm to 2.12.2 to address Helm client vulnerability

Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
2019-01-16 17:47:52 +09:00 · 2019-01-16 17:47:52 +09:00 · db237d8431
parent b9494bf302
commit db237d8431
4 changed files with 8 additions and 3 deletions
--- a/changelogs/unreleased/56417-update-helm-to-2-12-2.yml
+++ b/changelogs/unreleased/56417-update-helm-to-2-12-2.yml
@ -0,0 +1,5 @@
+---
+title: Update Helm to 2.12.2 to address Helm client vulnerability
+merge_request: 24418
+author: Takuya Noguchi
+type: security
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@ -50,7 +50,7 @@ variables:
  POSTGRES_DB: $CI_ENVIRONMENT_SLUG

  KUBERNETES_VERSION: 1.11.6
-  HELM_VERSION: 2.11.0
+  HELM_VERSION: 2.12.2

  DOCKER_DRIVER: overlay2

--- a/lib/gitlab/kubernetes/helm.rb
+++ b/lib/gitlab/kubernetes/helm.rb
@ -3,7 +3,7 @@
 module Gitlab
  module Kubernetes
    module Helm
-      HELM_VERSION = '2.11.0'.freeze
+      HELM_VERSION = '2.12.2'.freeze
      KUBECTL_VERSION = '1.11.0'.freeze
      NAMESPACE = 'gitlab-managed-apps'.freeze
      SERVICE_ACCOUNT = 'tiller'.freeze
--- a/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
+++ b/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
@ -30,7 +30,7 @@ describe Gitlab::Kubernetes::Helm::Pod do
      it 'should generate the appropriate specifications for the container' do
        container = subject.generate.spec.containers.first
        expect(container.name).to eq('helm')
-        expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.11.0-kube-1.11.0')
+        expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.12.2-kube-1.11.0')
        expect(container.env.count).to eq(3)
        expect(container.env.map(&:name)).to match_array([:HELM_VERSION, :TILLER_NAMESPACE, :COMMAND_SCRIPT])
        expect(container.command).to match_array(["/bin/sh"])