Add yaml-mapper tool for migrating from helm to operator #1567
Conversation
![datadog-datadog-prod-us1[bot]](https://avatars.githubusercontent.com/u/365230?s=60&v=4){kind=small}
|
|
||
| toolchain go1.22.7 | ||
|
|
||
| require helm.sh/helm/v3 v3.14.2 |
There was a problem hiding this comment.
🟠 Library Vulnerability
helm.sh/helm/v3 → 3.14.2
Helm shows secrets in clear text (...read more)
An issue was discovered in Cloud Native Computing Foundation (CNCF) Helm. It displays values of secrets when the --dry-run flag is used. This is a security concern in some use cases, such as a --dry-run call by a CI/CD tool. NOTE: the vendor's position is that this behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values).
| github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect | ||
| github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect | ||
| github.com/xeipuuv/gojsonschema v1.2.0 // indirect | ||
| golang.org/x/net v0.17.0 // indirect |
There was a problem hiding this comment.
🟠 Library Vulnerability
golang.org/x/net → 0.17.0
View all suggested fixes
| golang.org/x/net v0.17.0 // indirect | |
| golang.org/x/net vv0.30.1-0.20241011223655-5716b9813d2c// indirect |
| golang.org/x/net v0.17.0 // indirect | |
| golang.org/x/net vv0.23.0// indirect |
net/http, x/net/http2: close connections when receiving too many headers (...read more)
An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.
github-actions
bot
added
the
chart/datadog
What this PR does / why we need it:
Add yaml-mapper tool to helm charts to help users switch from installing the Datadog Agent with helm charts to using Operator. The yaml mapper script will take a
values.yamlfile used for helm charts and convert it into one that is compatible with the operator. (part of agent innovation week)Special notes for your reviewer:
Checklist
[Place an '[x]' (no spaces) in all applicable fields. Please remove unrelated fields.]
.github/helm-docs.sh)CHANGELOG.mdhas been updatedREADME.mdmake update-test-baselines)