chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed #10736

renovate · 2024-08-09T17:18:47Z

This PR contains the following updates:

Package	Update	Change
redis (source)	major	`~19.6.0` -> `~20.13.0`

Release Notes

bitnami/charts (redis)

`v20.13.4`

[bitnami/redis] Switch shell from /bin/sh to /bin/bash to improve process handling (#33181)

`v20.13.3`

[bitnami/redis] Release 20.13.3 (#33217)

`v20.13.2`

[bitnami/redis] Release 20.13.2 (#33157) (98a2ec9), closes #33157

`v20.13.1`

[bitnami/redis] Release 20.13.1 (#33089) (f23fc62), closes #33089

`v20.13.0`

[bitnami/redis] feat: ✨ Disable empty-dirs when readOnlyRootFS is disabled (#33108) (ed03d4d), closes #33108

`v20.12.2`

[bitnami/redis] fix 32573 - Always announce hostname independent of external service configuration ( (282ae5c), closes #33024

`v20.12.1`

[bitnami/redis] Fix sentinel masterService extraPorts not rendered (#32961) (cbc134f), closes #32961

`v20.12.0`

[bitnami/redis] Support retrieving Redis ACL user passwords from Kubernetes Secrets (#32434) (e4fd127), closes #32434

`v20.11.5`

[bitnami/redis] Handle SIGTERM in kubectl-shared container (#32085) (dad454d), closes #32085

`v20.11.4`

[bitnami/*] Add tanzuCategory annotation (#32409) (a8fba5c), closes #32409
[bitnami/redis] Release 20.11.4 (#32561) (f40ecff), closes #32561

`v20.11.3`

[bitnami/redis] fix 32214 - REDIS_PASSWORD_FILE uses wrong filename from volume (#32215) (5a31fa6), closes #32215

`v20.11.2`

[bitnami/redis] Fix usePasswordFile typo in metrics container (#32259) (a2cb202), closes #32259

`v20.11.1`

[bitnami/redis] Disable all usages of usePasswordFiles if auth.enabled is unset (#32253) (1642f81), closes #32253

`v20.11.0`

[bitnami/redis] feat: Add external access service for redis sentinel (#32190) (0582ac3), closes #32190

`v20.10.1`

[bitnami/redis]: only use auth.usePasswordFiles if auth.enabled is set (#32208) (1d96748), closes #32208

`v20.10.0`

[bitnami/redis] Set usePasswordFiles=true by default (#32117) (2f80b74), closes #32117

`v20.9.0`

[bitnami/redis] Add ACL Authentication for Sentinel Nodes (#31974) (61b2888), closes #31974

`v20.8.0`

[bitnami/redis] feat: add parameter to disable checksums (#31948) (990014f), closes #31948

`v20.7.1`

[bitnami/*] Use CDN url for the Bitnami Application Icons (#31881) (d9bb11a), closes #31881
[bitnami/redis] Release 20.7.1 (#31943) (e82cc74), closes #31943

`v20.7.0`

[bitnami/redis] Redis ACL support to the Bitnami Redis Helm Chart (#31707) (9c6e5d6), closes #31707
Update copyright year (#31682) (e9f02f5), closes #31682

`v20.6.3`

[bitnami/redis] fix: update JSON schema to allow string values for values passed to tpl (#30526) (2c78a06), closes #30526

`v20.6.2`

[bitnami/redis] Release 20.6.2 (#31238) (f24c74c), closes #31238

`v20.6.1`

[bitnami/redis] Release 20.6.1 (#31138) (2da450b), closes #31138

`v20.6.0`

[bitname/redis] Add support for master and replicas resources to be annotated (#31034) (5111fa5), closes #31034
[bitnami/*] Fix typo in README (#31052) (b41a51d), closes #31052
Redis Readme: fix typo in value key name (#31007) (4a8c60a), closes #31007

`v20.5.0`

[bitnami/*] Add Bitnami Premium to NOTES.txt (#30854) (3dfc003), closes #30854
[bitnami/redis] Detect non-standard images (#30942) (f06f8db), closes #30942

`v20.4.1`

[bitnami/redis] CA shouldn't be mandatory when TLS is enabled (#30520) (85219eb), closes #30520

`v20.4.0`

[bitnami/*] docs: 📝 Add "Prometheus metrics" (batch 5) (#30674) (ed2a546), closes #30674
[bitnami/redis] add extraPortsEnabled (#30607) (77a98fa), closes #30607

`v20.3.0`

[bitnami/redis] feat: ✨ Allow updating credentials via values.yaml (#30452) (d6a3118), closes #30452

`v20.2.2`

[bitnami/*] Remove wrong comment about imagePullPolicy (#30107) (a51f9e4), closes #30107
[bitnami/redis] Release 20.2.2 (#30407) (ae54e98), closes #30407
Update documentation links to techdocs.broadcom.com (#29931) (f0d9ad7), closes #29931

`v20.2.1`

[bitnami/redis] Fix preExecCmds parameter (#29898) (6db8a2e), closes #29898

`v20.2.0`

[bitnami/redis] add extraPodSpec (#29725) (0d2b826), closes #29725

`v20.1.7`

[bitnami/redis] Release 20.1.7 (#29756) (bc01e03), closes #29756

`v20.1.6`

[bitnami/redis] adds kind & apiVersion for pvc template in statefulset (#29678) (13212d2), closes #29678

`v20.1.5`

[bitnami/redis] - fix additionalEndpoints in servicemonitor (#29595) (6e674ff), closes #29595

`v20.1.4`

[bitnami/redis] Release 20.1.4 (#29530) (8053b1a), closes #29530

`v20.1.3`

[bitnami/redis] Release 20.1.3 (#29411) (b0b5c88), closes #29411

`v20.1.2`

[bitnami/redis] Use common password manager to handle password (#29376) (6ec3657), closes #29376

`v20.1.1`

[bitnami/redis] fix: move variable from annotation to label (#29209) (396fa01), closes #29209

`v20.1.0`

[bitnami/redis] Support extraEnvVars on volume-permissions for dynamic subfolders (#29195) (b33ff20), closes #29195

`v20.0.5`

[bitnami/redis] label slave pod using sentinel masterService (#29121) (6ae397f), closes #29121

`v20.0.4`

[bitnami/redis] update values.schema.json (#29106) (8a2fea3), closes #29106

`v20.0.3`

[bitnami/redis] Release 20.0.3 (#28941) (d2a1abb), closes #28941

`v20.0.2`

[bitnami/redis] Release 20.0.2 (#28881) (582b058), closes #28881
[bitnami/redis] Update README after major update (#28848) (a96205b), closes #28848

`v20.0.1`

[bitnami/redis] fix: Use rollout restart in ginkgo tests (#28813) (1d8cb54), closes #28813

`v20.0.0`

[bitnami/redis] Release 20.0.0 (#28810) (9e08d34), closes #28810

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

dryrunsecurity · 2024-08-09T17:18:59Z

DryRun Security Summary

Helm chart for DefectDojo updated Redis chart dependency from version 19.6.4 to 20.11.4, with no identified security vulnerabilities but recommended careful review of potential configuration changes.

Expand for full summary

Summary: Helm chart updates for DefectDojo, specifically modifying Redis chart dependency from version 19.6.4 to 20.11.4, with no direct security vulnerabilities identified.

Security Findings:

No concrete security vulnerabilities were found in the provided summaries.

Note: While no direct vulnerabilities were detected, the significant version jump in the Redis Helm chart could potentially introduce configuration changes that should be carefully reviewed during deployment.

View PR in the DryRun Dashboard.

cneill

Looks like this version of the chart is using Redis 7.4.0, which we've held off on elsewhere:

❯ helm search repo bitnami/redis -l
NAME                    CHART VERSION   APP VERSION     DESCRIPTION
bitnami/redis           20.0.1          7.4.0           Redis(R) is an open source, advanced key-value ...
bitnami/redis           20.0.0          7.4.0           Redis(R) is an open source, advanced key-value ...

mtesauro · 2024-08-12T20:07:58Z

@cneill Good catch - that licensing change would likely not be expected by those using the helm chart in this repo beyond it not matching the upstream version

Let's sit on this for now 👍

Problematic bump of Redis version

fcecagno · 2025-03-18T22:07:39Z

Just for the record, this is from a scan on the current version of DD (chart version 1.6.178):

mtesauro · 2025-03-20T21:35:24Z

One thing you might not be aware of is that OWASP requires projects to have an OSI approved license. DefectDojo is an OWASP project and in addition to other concerns, mixing an OSI license with a non-OSI license for a key component muddies up the projects license story.

We're still reviewing options but, for now, we're sticking with the pre-license change version of Redis.

This is an open source project and you're welcome & free to use whatever version of Redis suits your needs. Just update the container reference (compose) or Helm (k8s) accordingly.

github-actions · 2025-03-28T19:43:20Z

This pull request has conflicts, please resolve those before we can evaluate the pull request.

github-actions · 2025-03-28T19:44:01Z

Conflicts have been resolved. A maintainer will review the pull request shortly.

dryrunsecurity · 2025-04-15T19:04:57Z

No security concerns detected in this pull request.

All finding details can be found in the DryRun Security Dashboard.

…aml)

renovate bot added the dependencies Pull requests that update a dependency file label Aug 9, 2024

github-actions bot added the helm label Aug 9, 2024

mtesauro previously approved these changes Aug 9, 2024

View reviewed changes

cneill requested changes Aug 12, 2024

View reviewed changes

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 13, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 14, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 14, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 19, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 29, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Aug 30, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Aug 30, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 1, 2024

renovate bot force-pushed the renovate/redis-20.x branch from 4a66881 to 957b1fb Compare September 9, 2024 11:04

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 16, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 17, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 17, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Sep 19, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Sep 19, 2024

renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 9393dca to 1a1fb89 Compare October 9, 2024 12:06

renovate bot force-pushed the renovate/redis-20.x branch from 1a1fb89 to 6a64d6e Compare October 31, 2024 00:27

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 12, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 12, 2024

renovate bot force-pushed the renovate/redis-20.x branch 2 times, most recently from 82d3143 to 0f7f428 Compare November 14, 2024 22:45

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Nov 18, 2024

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Nov 22, 2024

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Mar 19, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Mar 20, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Mar 21, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Mar 22, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Mar 23, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Mar 24, 2025

github-actions bot added the conflicts-detected label Mar 28, 2025

renovate bot force-pushed the renovate/redis-20.x branch from 5741e90 to 3f81691 Compare March 28, 2025 19:43

github-actions bot removed the conflicts-detected label Mar 28, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Apr 11, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Apr 14, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Apr 14, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Apr 14, 2025

renovate bot force-pushed the renovate/redis-20.x branch from 3f81691 to 6544620 Compare April 15, 2025 19:04

renovate bot requested a review from Maffooch as a code owner April 15, 2025 19:04

Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.y…

9e8723d

…aml)

renovate bot force-pushed the renovate/redis-20.x branch from 6544620 to 9e8723d Compare April 22, 2025 15:59

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Apr 28, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Apr 28, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Apr 28, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml) Apr 29, 2025

renovate bot changed the title ~~Update Helm release redis from 19.6.4 to v20 (helm/defectdojo/Chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) Apr 29, 2025

renovate bot changed the title ~~chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml)~~ chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed May 6, 2025

renovate bot closed this May 6, 2025

mtesauro mentioned this pull request May 6, 2025

chore(deps): update helm release redis from 19.6.4 to v21 (helm/defectdojo/chart.yaml) #12393

Open

1 task

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed #10736

chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed #10736

renovate bot commented Aug 9, 2024 •

edited

Loading

dryrunsecurity bot commented Aug 9, 2024 •

edited

Loading

cneill left a comment

mtesauro commented Aug 12, 2024

fcecagno commented Mar 18, 2025

mtesauro commented Mar 20, 2025

github-actions bot commented Mar 28, 2025

github-actions bot commented Mar 28, 2025

dryrunsecurity bot commented Apr 15, 2025 •

edited

Loading

chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed #10736

chore(deps): update helm release redis from 19.6.4 to v20 (helm/defectdojo/chart.yaml) - autoclosed #10736

Conversation

renovate bot commented Aug 9, 2024 • edited Loading

Release Notes

Configuration

dryrunsecurity bot commented Aug 9, 2024 • edited Loading

DryRun Security Summary

cneill left a comment

Choose a reason for hiding this comment

mtesauro commented Aug 12, 2024

fcecagno commented Mar 18, 2025

mtesauro commented Mar 20, 2025

github-actions bot commented Mar 28, 2025

github-actions bot commented Mar 28, 2025

dryrunsecurity bot commented Apr 15, 2025 • edited Loading

renovate bot commented Aug 9, 2024 •

edited

Loading

dryrunsecurity bot commented Aug 9, 2024 •

edited

Loading

dryrunsecurity bot commented Apr 15, 2025 •

edited

Loading