You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Artifacthub tries to do security scanning on the contaiers referenced in our charts and is reporting that it cannot scan parts of the huawei-csi-plugin multiple times per day.
To Reproduce
Steps to reproduce the behavior:
Regularly check Artifacthub mail
Expected behavior
The plugin should be delivered in a "scannable by artifacthub" way and not spam us with multiple mails about failed scans per day.
Logs
error scanning image quay.io/k8scsi/csi-attacher:v1.2.1: schema v1 manifest not supported by trivy (package huawei-csi-plugin:0.3.1)
Affected version
all of them
Values
none
Environment
none
Additional context
The image that fails to scan is 2 years old and has since been superseded by both 2.x and 3.x versions of csi-attacher.
The recomended Kubernetes versions for csi-attacher 1.2.1 are 1.14 and 1.15 which are both very much out of date.
Personally i think we should scrap support for this helm chart ASAP. If anything the chart has added reasons for upstream to not push their own efforts further. If need be we can assist anyone using this in migrating the chart to their own helm charts repository or, if upstream wants it, we can contribute it to the efforts being made in their repo.
The text was updated successfully, but these errors were encountered:
Affected chart
huawei-csi-pluginDescribe the bug
Artifacthub tries to do security scanning on the contaiers referenced in our charts and is reporting that it cannot scan parts of the huawei-csi-plugin multiple times per day.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The plugin should be delivered in a "scannable by artifacthub" way and not spam us with multiple mails about failed scans per day.
Logs
Affected version
all of them
Values
none
Environment
none
Additional context
The image that fails to scan is 2 years old and has since been superseded by both 2.x and 3.x versions of csi-attacher.
The recomended Kubernetes versions for csi-attacher 1.2.1 are 1.14 and 1.15 which are both very much out of date.
Huawei has been advised to update the csi-attacher in this issue: Huawei/eSDK_K8S_Plugin#3. A Helm chart of their own has been requested here: Huawei/eSDK_K8S_Plugin#16 wth some progress being made in Huawei/eSDK_K8S_Plugin#35
Personally i think we should scrap support for this helm chart ASAP. If anything the chart has added reasons for upstream to not push their own efforts further. If need be we can assist anyone using this in migrating the chart to their own helm charts repository or, if upstream wants it, we can contribute it to the efforts being made in their repo.
The text was updated successfully, but these errors were encountered: