GithubHelp home page GithubHelp logo

icoretech / helm Goto Github PK

View Code? Open in Web Editor NEW
4.0 4.0 4.0 408 KB

iCoreTech Helm Charts

Home Page: https://icoretech.github.io/helm/

Mustache 100.00%
airbroke chatgpt-plugin helm-charts nextjs pgbouncer

helm's People

Contributors

huehnerhose avatar kriska avatar masterkain avatar shkrid avatar

Stargazers

avatar

Watchers

avatar avatar avatar avatar avatar

Forkers

shkrid kriska huehnerhose

helm's Issues

Fix Docker vulnerabilities

The security team in our company blocked the implementation of PGBouncer because of the following vulnerabilities:

❯ docker scout cves ghcr.io/icoretech/pgbouncer-docker:1.23.0
    i New version 1.11.0 available (installed version is 1.10.0) at https://github.com/docker/scout-cli
          ✓ SBOM of image already cached, 33 packages indexed
    ✗ Detected 1 vulnerable package with 2 vulnerabilities


## Overview

                    │                Analyzed Image                  
────────────────────┼────────────────────────────────────────────────
  Target            │  ghcr.io/icoretech/pgbouncer-docker:1.23.0     
    digest          │  c61e50d7fefc                                  
    platform        │ linux/arm64                                    
    provenance      │ https://github.com/icoretech/pgbouncer-docker  
                    │  c5578c0303de97122743fc06bc7e888272739590      
    vulnerabilities │    1C     0H     0M     0L     1?              
    size            │ 7.0 MB                                         
    packages        │ 33                                             


## Packages and Vulnerabilities

   1C     0H     0M     0L     1?  openssl 3.0.13-r0
pkg:apk/alpine/[email protected]?os_name=alpine&os_version=3.17

    ✗ CRITICAL CVE-2024-5535
      https://scout.docker.com/v/CVE-2024-5535
      Affected range : <3.0.14-r0  
      Fixed version  : 3.0.14-r0   
    
    ✗ UNSPECIFIED CVE-2024-4741
      https://scout.docker.com/v/CVE-2024-4741
      Affected range : <3.0.14-r0  
      Fixed version  : 3.0.14-r0   
    


2 vulnerabilities found in 1 package
  UNSPECIFIED  1  
  LOW          0  
  MEDIUM       0  
  HIGH         0  
  CRITICAL     1

If I build this image locally the vulnerability is gone, so I think you could just rebuild it and push it back to GCR. For now I've pushed the clean image to our internal ECR to move with it.

Thanks!

PS.: opening this issue here as the docker repo has no Issues enabled.

GPT retrieval chart requires BEARER_TOKEN and OPENAI_API_KEY to be plain text

Currently,
When I use the gpt-retrieval-plugin chart as a dependency:

apiVersion: v2
name: my-deployment
type: application
version: 0.0.1
dependencies:
- name: chatgpt-retrieval-plugin
  alias: gptretrieval
  version: 0.0.18
  repository: https://icoretech.github.io/helm
  condition: gptretrieval.enabled

and I configure it in the values.yaml file:

gptretrieval:
  enabled: true
  web:
    image: ghcr.io/icoretech/chatgpt-retrieval-plugin-docker:weaviate-e8fda70-1690594131
    extraEnvs:
      - name: DATASTORE
        value: weaviate
      - name: WEAVIATE_URL
        value: http://weaviate:80
      - name: BEARER_TOKEN
        value: blabla
      - name: OPENAI_API_KEY
        value: blabla

I need to provide the BEARER_TOKEN and OPENAI_API_KEY directly in plain text.

This exposes my configurations and although they are later wrapped as a secret.
They are also present as a plain text in my values file.

It would be much more useful if either:

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.