github/podinfo
1
0
Fork 0
mirror of https://github.com/stefanprodan/podinfo.git synced 2026-04-06 02:56:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,119 Commits 9 Branches 105 Tags
6.11.1
Commit Graph

1119 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Prodan
0a27dbe40c Merge pull request #465 from stefanprodan/release-6.11.1 
Release 6.11.1
6.11.1 		2026-03-14 15:27:35 +02:00
Stefan Prodan
2da74a4ec2 Release 6.11.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-14 15:18:19 +02:00
Stefan Prodan
c7ffdba3bd Merge pull request #461 from stefanprodan/dependabot/github_actions/actions-1590fac0fc 
build(deps): bump the actions group with 5 updates
 2026-03-14 15:10:39 +02:00
Stefan Prodan
06f7cd3777 Merge pull request #464 from stefanprodan/fix-store-path-traversal 
Fix path traversal in `/store` endpoint
 2026-03-14 15:08:52 +02:00
Stefan Prodan
620b9b7e2c Fix path traversal in /store endpoint 
Validate that the hash URL parameter matches the expected SHA1 hex
format (40 lowercase hex characters) before using it in file path
operations.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-14 15:02:25 +02:00
Stefan Prodan
83deb7fcb7 Merge pull request #463 from stefanprodan/fix-CVE-2025-70849 
Fix XSS in `/store` endpoint (CVE-2025-70849)
 2026-03-14 14:58:53 +02:00
Stefan Prodan
550ee9f7b9 Fix stored XSS in /store endpoint (CVE-2025-70849) 
Set Content-Type to application/octet-stream in storeReadHandler
to prevent Go's content sniffing from serving HTML payloads as
text/html. Add X-Content-Type-Options: nosniff to prevent browsers
from overriding Content-Type via MIME sniffing, and
Content-Security-Policy: default-src 'none' to block script
execution as defense-in-depth.

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-14 14:40:55 +02:00
dependabot[bot]
dd185df435 build(deps): bump the actions group with 5 updates 
Bumps the actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3` | `4` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` |
| [docker/login-action](https://github.com/docker/login-action) | `3` | `4` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5` | `6` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6` | `7` |


Updates `docker/setup-qemu-action` from 3 to 4
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4)

Updates `docker/setup-buildx-action` from 3 to 4
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4)

Updates `docker/login-action` from 3 to 4
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3...v4)

Updates `docker/metadata-action` from 5 to 6
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5...v6)

Updates `docker/build-push-action` from 6 to 7
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6...v7)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: docker/metadata-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: docker/build-push-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-09 06:46:46 +00:00
Stefan Prodan
07a524ba01 Merge pull request #460 from stefanprodan/release-6.11.0 
Release 6.11.0
6.11.0 		2026-03-06 19:50:57 +00:00
Stefan Prodan
5d97df9c89 Release 6.11.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-06 21:43:50 +02:00
Stefan Prodan
a8cadef09b Merge pull request #459 from stefanprodan/cosign-v3 
Sign release artifacts with cosign v3
 2026-03-06 19:32:20 +00:00
Stefan Prodan
32f6e3d8c9 Sign release artifacts with cosign v3 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-06 21:31:06 +02:00
Stefan Prodan
77dc46241d Merge pull request #458 from matheuscscp/grpcroute 
Introduce GRPCRoute in the Helm chart
 2026-03-06 19:23:43 +00:00
Matheus Pimenta
3a31e973c0 Introduce GRPCRoute in the Helm chart 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
 2026-03-06 03:44:28 +00:00
Stefan Prodan
e15511a92d Merge pull request #456 from matheuscscp/check-grpc-tls 
Introduce `--tls` flag for command `check grpc`
 2026-03-03 08:36:06 +02:00
Matheus Pimenta
4656ca0517 Introduce --tls flag for command check grpc 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
 2026-03-03 03:02:20 +00:00
Stefan Prodan
1f66430364 Merge pull request #455 from matheuscscp/ws-check 
Introduce podcli check ws command
 2026-03-02 20:46:52 +02:00
Matheus Pimenta
117533e329 Introduce podcli check ws command 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
 2026-03-02 17:38:35 +00:00
Stefan Prodan
29827dd944 Merge pull request #453 from stefanprodan/release-6.10.2 
Release 6.10.2
6.10.2 		2026-03-01 10:22:42 +02:00
Stefan Prodan
9525259938 Release 6.10.2 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-01 10:17:39 +02:00
Stefan Prodan
a53ddbcffc Merge pull request #452 from stefanprodan/go-1.26 
Build with Go 1.26
 2026-03-01 10:15:35 +02:00
Stefan Prodan
e3c8277e58 Update redis to 8.6.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-01 10:10:08 +02:00
Stefan Prodan
420b2f64b8 Build with Go 1.26 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-03-01 10:05:27 +02:00
Stefan Prodan
0a93807324 Merge pull request #450 from stefanprodan/dependabot/github_actions/actions-9753a9b660 
build(deps): bump the actions group with 2 updates
 2026-03-01 09:56:59 +02:00
dependabot[bot]
d73d94eec9 build(deps): bump the actions group with 2 updates 
Bumps the actions group with 2 updates: [helm/kind-action](https://github.com/helm/kind-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action).


Updates `helm/kind-action` from 1.13.0 to 1.14.0
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](https://github.com/helm/kind-action/compare/v1.13.0...v1.14.0)

Updates `goreleaser/goreleaser-action` from 6 to 7
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v6...v7)

---
updated-dependencies:
- dependency-name: helm/kind-action
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: goreleaser/goreleaser-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 06:56:00 +00:00
Stefan Prodan
a723c9447d Merge pull request #449 from stefanprodan/release-6.10.1
Some checks failed
e2e / kind-timoni (push) Failing after 6s
e2e / kind-helm (push) Failing after 1m57s
test / test (push) Failing after 5m47s
cve-scan / govulncheck (push) Successful in 12m37s
Release v6.10.1
6.10.1 		2026-02-03 17:46:37 +02:00
Stefan Prodan
eca2d3a1d9 Release v6.10.1 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-02-03 17:42:33 +02:00
Stefan Prodan
2dfda568b2 Merge pull request #448 from matheuscscp/job-ttl 
chart: introduce configurable Job hook
 2026-02-03 17:39:43 +02:00
Matheus Pimenta
4d7604ab63 chart: introduce configurable Job hook 
Signed-off-by: Matheus Pimenta <matheuscscp@gmail.com>
 2026-02-03 15:27:53 +00:00
Stefan Prodan
f3c2e57a6f Merge pull request #447 from stefanprodan/release-6.10.0
Some checks failed
e2e / kind-helm (push) Failing after 2m23s
e2e / kind-timoni (push) Failing after 11s
test / test (push) Failing after 23s
cve-scan / govulncheck (push) Successful in 12m20s
Release v6.10.0
6.10.0 		2026-02-01 12:34:49 +02:00
Stefan Prodan
8bded1ba80 Release v6.10.0 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-02-01 12:30:00 +02:00
Stefan Prodan
da120efc04 Merge pull request #446 from stefanprodan/helm-remove-linkerd 
helm: remove linkerd profile
 2026-02-01 12:27:17 +02:00
Stefan Prodan
ea672716dd helm: remove linkerd profile 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-02-01 12:22:40 +02:00
Stefan Prodan
47742372b9 Merge pull request #441 from darox/add-external-traffic-policy 
helm: add externalTrafficPolicy value
 2026-02-01 12:13:50 +02:00
Stefan Prodan
30be5f5b6a Merge pull request #445 from stefanprodan/update-go-deps 
Update dependencies
 2026-02-01 12:12:22 +02:00
Stefan Prodan
4fb3be1de0 Update dependencies 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-02-01 12:08:25 +02:00
Stefan Prodan
d532cc2a24 Merge pull request #444 from stefanprodan/deploy-database-demo 
Add database deployment demo
 2026-02-01 11:56:08 +02:00
Stefan Prodan
f1eb631ac9 Add database deployment demo 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2026-02-01 11:45:23 +02:00
darox
03172452ee service: add externalTrafficPolicy value 
Signed-off-by: darox <maderdario@gmail.com>
 2025-12-22 14:26:32 +01:00
Stefan Prodan
b6b680fe50 Merge pull request #439 from stefanprodan/release-6.9.4
Some checks failed
cve-scan / govulncheck (push) Successful in 12m0s
e2e / kind-helm (push) Failing after 1m13s
e2e / kind-timoni (push) Failing after 7s
test / test (push) Failing after 5m32s
Release 6.9.4
6.9.4 		2025-12-07 20:02:41 +00:00
Stefan Prodan
e51374c0ec Release 6.9.4 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2025-12-07 21:58:53 +02:00
Stefan Prodan
80b5bf5495 Merge pull request #438 from stefanprodan/fix-httproute 
helm: Add namespace to HTTPRoute
 2025-12-07 19:52:57 +00:00
Stefan Prodan
f53a3109cf helm: Add namespace to HTTPRoute 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2025-12-07 21:46:51 +02:00
Stefan Prodan
11b7ac4319 Merge pull request #436 from stefanprodan/dependabot/github_actions/actions-27fc00b90e 
build(deps): bump fluxcd/flux2 from 2.7.4 to 2.7.5 in the actions group
 2025-12-07 19:45:44 +00:00
Stefan Prodan
396a56493b Merge pull request #424 from darox/helm-add-trafficDistribution 
helm: add trafficDistribution to service spec
 2025-12-07 19:43:18 +00:00
darox
4991d2e6d0 helm: add trafficDistribution and additionalLabels to service config 
This commit adds the trafficDistribution
and additionalLabels parameters to the Helm
chart's service configuration.

Signed-off-by: darox <maderdario@gmail.com>
 2025-12-04 08:57:50 +01:00
dependabot[bot]
c0669703ab build(deps): bump fluxcd/flux2 from 2.7.4 to 2.7.5 in the actions group 
Bumps the actions group with 1 update: [fluxcd/flux2](https://github.com/fluxcd/flux2).


Updates `fluxcd/flux2` from 2.7.4 to 2.7.5
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Commits](https://github.com/fluxcd/flux2/compare/v2.7.4...v2.7.5)

---
updated-dependencies:
- dependency-name: fluxcd/flux2
  dependency-version: 2.7.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 06:51:24 +00:00
Stefan Prodan
0f360bb788 Merge pull request #434 from stefanprodan/gha-disk-cleanup
Some checks failed
cve-scan / govulncheck (push) Successful in 11m52s
e2e / kind-helm (push) Failing after 1m21s
e2e / kind-timoni (push) Failing after 11s
test / test (push) Failing after 5m30s
ci: Free disk space on Ubuntu runners
 2025-11-28 16:18:18 +02:00
Stefan Prodan
d7fee06b63 ci: Free disk space on Ubuntu runners 
Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
 2025-11-28 16:12:49 +02:00
Stefan Prodan
4f64661bff Merge pull request #433 from stefanprodan/dependabot/github_actions/actions-42767b8147
Some checks failed
cve-scan / govulncheck (push) Successful in 11m41s
e2e / kind-helm (push) Failing after 57s
e2e / kind-timoni (push) Failing after 7s
test / test (push) Failing after 5m14s
build(deps): bump the actions group across 1 directory with 2 updates
 2025-11-26 11:32:14 +02:00