Skip to content

Releases: openanalytics/shinyproxy-operator

v2.3.1

Choose a tag to compare

@LEDfan LEDfan released this 12 Nov 15:58
  • Fix: make compatible with Docker version 29

v2.3.0

Choose a tag to compare

@LEDfan LEDfan released this 20 Oct 14:45

See the update instructions for Kubernetes and Docker.

v2.2.2

Choose a tag to compare

@LEDfan LEDfan released this 26 Aug 09:31
  • (Kubernetes only) the Redis Docker image has been moved to openanalytics/redis and openanalytics/redis-sentinel since Bitnami will remove the images.

See the announcement for more information.

v2.2.1

Choose a tag to compare

@LEDfan LEDfan released this 31 Jul 09:57
  • add maven assembly configuration to correctly combine the services file provided by the fabric8 kubernetes client. Fixes an issue with the operator stopping to receive events after some time.

v2.2.0

Choose a tag to compare

@LEDfan LEDfan released this 07 Jul 14:28
  • update to JDK 21
  • add Docker support
  • add labels property
  • add memory-request, memory-limit, cpu-request and cpu-limit properties
  • add dns support
  • create Kubernetes events during reconciliation or failure

v2.1.0

Choose a tag to compare

@LEDfan LEDfan released this 07 May 11:04
  • update to JDK 17
  • support multiple FQDNs
  • add anti-affinity rule to not schedule multiple replicas on the same node
  • allow to modify the Service resource by using kubernetesServicePatches
  • Fix: operator not syncing after some time
  • Fix: update Ingress resource if kubernetesIngressPatches has changed

v2.0.0

Choose a tag to compare

@LEDfan LEDfan released this 02 Mar 12:22

v1.1.0

Choose a tag to compare

@LEDfan LEDfan released this 23 Jun 13:46

This release makes the ShinyProxy Operator compatible with Kubernetes 1.22 and later (contributed by @dev-rowbot).

v1.0.3

Choose a tag to compare

@LEDfan LEDfan released this 20 Dec 08:30

This release contains a security update of the log4j library. This fixes CVE-2021-45105 see GHSA-p6xc-xr62-6r2g.

Version 1.0.1 of the operator includes log4j 2.15.0, which fixes CVE-2021-44228 and version 1.0.2 of the operator includes log4j 2.16.0 which fixes CVE-2021-45046. This release updates log4j to 2.17.0 in order to fix CVE-2021-45105.
In the case of the Operator, the possibilities to exploit this vulnerability are low. The operator only handles input from the Kubernetes API and does not expose any network service. Therefore an attacker must be able to create ShinyProxy resources in order to exploit this vulnerability.

Note: ShinyProxy itself is not vulnerable, as it uses logback as logging backend.

v1.0.2

Choose a tag to compare

@LEDfan LEDfan released this 15 Dec 08:32

This release contains a security update of the log4j library. This fixes CVE-2021-45046, see GHSA-7rjr-3q55-vv33 .

Version 1.0.1 of the operator includes log4j 2.15.0, which fixes CVE-2021-44228, however this fix is incomplete. This release updates log4j to 2.16.0.
In the case of the Operator, the possibilities to exploit this vulnerability are low. The operator only handles input from the Kubernetes API and does not expose any network service. Therefore an attacker must be able to create ShinyProxy resources in order to exploit this vulnerability.

Note: ShinyProxy itself is not vulnerable, as it uses logback as logging backend.