summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTakuya Noguchi <takninnovationresearch@gmail.com>2019-01-16 17:47:52 +0900
committerTakuya Noguchi <takninnovationresearch@gmail.com>2019-01-18 09:21:47 +0900
commitdb237d843109410b8e8c0dbcefec08ff3aac44a2 (patch)
tree6b8ed559d4362cb69c5f0b6a0ce7f78d879ea024
parentb9494bf302e6b13fed230bec598c427a32f05ff7 (diff)
downloadgitlab-ce-db237d843109410b8e8c0dbcefec08ff3aac44a2.tar.gz
Update Helm to 2.12.2 to address Helm client vulnerability56417-update-helm-to-2-12-2-ado-test
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
-rw-r--r--changelogs/unreleased/56417-update-helm-to-2-12-2.yml5
-rw-r--r--lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml2
-rw-r--r--lib/gitlab/kubernetes/helm.rb2
-rw-r--r--spec/lib/gitlab/kubernetes/helm/pod_spec.rb2
4 files changed, 8 insertions, 3 deletions
diff --git a/changelogs/unreleased/56417-update-helm-to-2-12-2.yml b/changelogs/unreleased/56417-update-helm-to-2-12-2.yml
new file mode 100644
index 00000000000..f01915c532f
--- /dev/null
+++ b/changelogs/unreleased/56417-update-helm-to-2-12-2.yml
@@ -0,0 +1,5 @@
+---
+title: Update Helm to 2.12.2 to address Helm client vulnerability
+merge_request: 24418
+author: Takuya Noguchi
+type: security
diff --git a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
index 95160e1432f..ebf0a6d46c4 100644
--- a/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
+++ b/lib/gitlab/ci/templates/Auto-DevOps.gitlab-ci.yml
@@ -50,7 +50,7 @@ variables:
POSTGRES_DB: $CI_ENVIRONMENT_SLUG
KUBERNETES_VERSION: 1.11.6
- HELM_VERSION: 2.11.0
+ HELM_VERSION: 2.12.2
DOCKER_DRIVER: overlay2
diff --git a/lib/gitlab/kubernetes/helm.rb b/lib/gitlab/kubernetes/helm.rb
index 03d38ec78fd..bbac15c7710 100644
--- a/lib/gitlab/kubernetes/helm.rb
+++ b/lib/gitlab/kubernetes/helm.rb
@@ -3,7 +3,7 @@
module Gitlab
module Kubernetes
module Helm
- HELM_VERSION = '2.11.0'.freeze
+ HELM_VERSION = '2.12.2'.freeze
KUBECTL_VERSION = '1.11.0'.freeze
NAMESPACE = 'gitlab-managed-apps'.freeze
SERVICE_ACCOUNT = 'tiller'.freeze
diff --git a/spec/lib/gitlab/kubernetes/helm/pod_spec.rb b/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
index 2dd3a570a1d..9cb79148028 100644
--- a/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
+++ b/spec/lib/gitlab/kubernetes/helm/pod_spec.rb
@@ -30,7 +30,7 @@ describe Gitlab::Kubernetes::Helm::Pod do
it 'should generate the appropriate specifications for the container' do
container = subject.generate.spec.containers.first
expect(container.name).to eq('helm')
- expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.11.0-kube-1.11.0')
+ expect(container.image).to eq('registry.gitlab.com/gitlab-org/cluster-integration/helm-install-image/releases/2.12.2-kube-1.11.0')
expect(container.env.count).to eq(3)
expect(container.env.map(&:name)).to match_array([:HELM_VERSION, :TILLER_NAMESPACE, :COMMAND_SCRIPT])
expect(container.command).to match_array(["/bin/sh"])