awx-operator icon indicating copy to clipboard operation
awx-operator copied to clipboard
verified publisher icon ansible

Bump outdated ansible-operator (v1.12) used in Dockerfile to more recent version

Open Raptus1 opened this issue 3 years ago • 2 comments

Please confirm the following

  • [X] I agree to follow this project's code of conduct.
  • [X] I have checked the current issues for duplicates.
  • [X] I understand that the AWX Operator is open source software provided for free and that I might not receive a timely response.

Bug Summary

Currently the Dockerfile used to build the AWX-operator starts with:

FROM quay.io/operator-framework/ansible-operator:v1.12.0 ref: https://github.com/ansible/awx-operator/blob/devel/Dockerfile#L1

This should be bumped to a much more recent version of ansible-operator to get rid og many of the current 298 vulnerabilities. image

AWX Operator version

0.23.0

AWX version

21.2.0

Kubernetes platform

kubernetes

Kubernetes/Platform version

1.23.2

Modifications

no

Steps to reproduce

Use awx-operator directly from quay.io.

Expected results

Using newer ansible-operator.

Actual results

Using outdated ansible-operator.

Additional information

You guys are amazing and deliver a fantastic product!

Operator Logs

No response

Raptus1 avatar Jul 01 '22 09:07 Raptus1

You guys are amazing and deliver a fantastic product!

Thank you for the love!

@rooftopcellist can you take a look and see if this might cause any problems downstream?

akus062381 avatar Jul 06 '22 15:07 akus062381

PR: https://github.com/ansible/awx-operator/pull/1001

shanemcd avatar Aug 03 '22 15:08 shanemcd

I just merged this PR to upgrade the operator-sdk to v1.22.0 so that we can bump the ansible-operator base image and clear up most of these security scan vulnerabilities.

There will be a release later this week with these changes. cc @Raptus1

rooftopcellist avatar Aug 22 '22 22:08 rooftopcellist