Avo Sepp issues

Results 19 issues of


                                            Avo Sepp

Importing azuredevops_project does not find existing assets

### Community Note * Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the community and maintainers prioritize this request * Please do...

question

OPAL should have JSON-Schema validator capability

**Describe the solution you'd like** A bad OPAL fetch can result in unexpected and hard to troubleshoot errors. Especially if the maintainers are not as familiar with the original system....

OPAL should inform user if Fetcher returns extremely large value.

**Is your feature request related to a problem? Please describe.** When OPAL receives a very large input from a fetcher, the OPA/OPAL pod tends to crash and restart automatically. This...

Generator for Slack App OAuth Token Rotation

**Is your feature request related to a problem? Please describe.** Slack has a [token rotation](https://api.slack.com/authentication/rotation) API which lets endpoints refresh their OAuth token periodically. Not all applications support the Slack...

kind/feature

track/providers

chore(deps): upgrade haproxy to 2.9.7-alpine - Closes [#18159]

HAProxy was last updated June 14, 2023 to 2.6.14. That release now has two CVEs which are being flagged by Wiz scanner as High vulnerability. 2.6.14 CVE Listings * CVE-2023-40225...

Upgrade HAProxy from 2.6.14 to remedy two CVEs

# Summary HAProxy for ArgoCD HA was last updated June 14, 2023 to 2.6.14. Since that release there are two new CVEs categorized as High for that release. * CVE-2023-40225...

enhancement

Helm Chart rendering RunAsUser at the wrong indent

![Screenshot 2024-02-27 at 10 46 58](https://github.com/windmill-labs/windmill-helm-charts/assets/68659218/5b56ae73-f102-4cce-b317-8862226ea951) See image. runAsUser is not being saved to Kubernetes because it is being rendered one tier above SecurityContext. It should be nested under SecurityContext.

Why is is default user Root and runAsNonRoot false?

Hi, Question is in the title. The default configuration for Windmill's Helm chart sets Windmill as root. Is there a developer reason for this? It impacts our ability to install...

2.11.0 -> 2.11.1 changed the Registry for Redis and HAProxy from Docker to Amazon ECR breaking Cosign verification

**Describe the bug** A recent patch modified the Container Registry used for both Redis and HAProxy. This changed the Registry source from Docker to an Amazon ECR. Those of us...

bug

security

type:security

Test Connection Job should have SecurityContext for Restricted environments

https://github.com/smallstep/helm-charts/blob/a45a9ffd50792d09c024e6d4e0164a1a16a3bd2b/step-certificates/templates/tests/test-connection.yaml#L12 The test connection job won't run in Namespaces which are set to Restricted by Pod Security Admission standard. Adding a SecurityContext to the Test Connection job will fix this...