jk464
jk464
Fixes up a host of CVEs in the `st2` package: Note: The `XRAY` references are vulnerabilities listed by [JFrog Xray](https://jfrog.com/help/r/get-started-with-the-jfrog-platform/jfrog-xray), that don't seem to have a corresponding CVE. JFrog doesn't...
StackStorm Packs are implemented as Git Repos. Currently when `pack install` is run, submodules contained within packs are not handled. This PR implements the `checkout_submodules` option on `pack install` (and...
Enhances `install_pack.py` so that you can pass an optional flag to it (`--get-dependencies`) that will for a given pack when it is installed will also install any other packs the...
When a Pack is installed on Stackstorm using `pack install` - stackstorm performs a clone on the Repo ([Code](https://github.com/StackStorm/st2/blob/dfab25aab0468f330a635db55f01286523217135/st2common/st2common/util/pack_management.py#L205)) - however this results in any submodules present in the repo...
Continuing on from the theme in (https://github.com/StackStorm/stackstorm-k8s/pull/400) this PR is another attempt at improving the security hardening of StackStorm in `k8s`. By default - all inter-pod communication between pods within...
In attempt to harden the security of running StackStorm within k8s, this PR makes it such that by default all containers run as a non-root user, generally `1000:1000` (the `stanley`...
Instead of running `st2tests` as a `pod`, this runs it as a `job`. To ensure the job only runs once, and fails if a test fails, I've added: ``` restartPolicy:...
Some containers where missing the ability to specify an `imagePullPolicy`. This adds in those missing options, and matches the global `image`'s Pull Policy.
As it says on the tin. Allows the use of go templating in the `st2.packs.configs` value when creating the Configs ConfigMap
Useful when changing the mounted pack image, that removes previously installed packs. Normally the packs have been removed from disk, but are still registered in the Mongo database. This runs...