🚀 Geodesic is a DevOps Linux Toolbox in Docker
APACHE-2.0 License
Bot releases are hidden (Show)
Published by Nuru over 4 years ago
PR #556
Published by Nuru over 4 years ago
Users running Docker for Mac 2.2.0.0 or later can set
export GEODESIC_MAC_FORWARD_SOCKET=true
before running Geodesic and now SSH keys added to ssh-agent
on the Mac host will be available from inside the Geodesic container. You no longer need to mount and unlock keys on every invocation of Geodesic.
The Docker server socket is also forwarded if $WITH_DOCKER == "true"
Thanks to @tamsky #534
Published by Nuru over 4 years ago
Support for aws-vault
version 4 was removed in this release, but restored in version 0.130.0. See #579.
Update to helm 3, aws-vault 5 (#546)
helm
version 2 is available as helm2
or you can set it as helm
using
update-alternatives --set helm /usr/share/helm/2/bin/helm2
helm
version 3 is available as helm3
and by default as helm
You can tell helmfile
which helm
version to use via the -b
flag
helmfile -b helm2 ...
If you were installing helm
yourself, using something like
apk add helm@cloudposse==2.14.3-r0
then that version of helm
will be used as helm
. It will share plugins with helm2
or helm3
depending on which version it is.
Bumps awscli from 1.16.226 to 1.16.230.
Signed-off-by: dependabot-preview[bot] [email protected]
aws-cli
1.16.209 -> 1.16.226ansible
2.7.12 -> 2.8.4Bring in bug and security fixes and new features
PyYAML is pinned to version 3.13 because that is the latest version that awsebcli
supports. This version of PyYAML has a known vulnerability, CVE-2017-18342, summarized as "the yaml.load() API could execute arbitrary code if used with untrusted data."
At the moment, the only tools Geodesic ships with that use PyYAML (as far as we have been able to determine) are awscli
and awsebcli
. (The yq
command included in Geodesic is a golang tool and not the python-yq
that uses PyYAML.)
awscli
says their tool is not affected by the vulnerability: https://github.com/aws/aws-cli/issues/3828
awsebcli
and CVE-2017-18342Users of awsebcli
or who install their own Python packages should take appropriate precautions.
Due to operational errors, the 0.121.0 release was incorrectly published twice, once as 1.121.0 and once as 0.121.0 but pointing to the wrong commit. Users may want to avoid this release in favor of the prior 0.120.4 or next 0.122.0 release to avoid confusion. However, you can verify which version you have by examining these points:
rootfs/usr/local/bin/codefresh-pipeline
while the next release doesPublished by Nuru about 5 years ago
A typo in grafana-db
broke downloading Grafana dashboards from arbitrary URLs.
Fixed in #517