Skip to content

Upgrade Cassandra Package in Jaeger v1 chart #631

New issue
New issue
Open
Open
Upgrade Cassandra Package in Jaeger v1 chart#631
Labels
good first issueGood for newcomershelp wantedExtra attention is needed
@jkowall

Description

@jkowall
jkowall
opened on Feb 13, 2025

Security Updates Needed (new packages)

I was looking at the helm chart vulnerability reviews and it seems like we have an old version of Cassandra in there causing a lot of them. https://artifacthub.io/packages/helm/jaegertracing/jaeger/3.4.0?modal=security-report&event-id=920295d2-3ed1-4fb9-8d95-4fc526e0ddbf

The Cassnadra chart we are including is not even available anymore since 2022 : https://github.com/helm/charts/blob/master/README.md#status-of-the-project so we should either drop Cassandra or use a supported chart.

Please upgrade Cassandra to a newer version which is supported similar to what is used in Jaeger v2 chart.

Steps to reproduce

Review artifacthub findings : https://artifacthub.io/packages/helm/jaegertracing/jaeger/3.4.0?modal=security-report&event-id=920295d2-3ed1-4fb9-8d95-4fc526e0ddbf

Expected behavior

Jaeger v1 Helm chart runs on the current version of Cassandra without vulnerabilities.

Metadata

Metadata

Assignees

No one assigned

    Labels

    good first issueGood for newcomershelp wantedExtra attention is needed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions