diff --git a/.dockerignore b/.dockerignore
index 5d7722e6..13caccea 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,5 +1,5 @@
-bin\
-obj\
+bin/
+obj/
cmd/
**/bin/*
**/obj/*
diff --git a/Dockerfile b/Dockerfile
index 18ef4ec3..60f88b50 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM mcr.microsoft.com/dotnet/core/sdk:3.1 AS build-env
+FROM mcr.microsoft.com/dotnet/sdk:3.1 AS build-env
ARG PROJECT_NAME=decrypt-api
@@ -15,16 +15,16 @@ COPY ./src/key-managment ./key-managment
RUN dotnet publish $PROJECT_NAME/$PROJECT_NAME.csproj -c Release -o ./obj/Docker/publish
# Build runtime image
-FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS release
+FROM mcr.microsoft.com/dotnet/aspnet:3.1-focal AS release
ARG PROJECT_NAME=decrypt-api
ENV PROJECT_NAME_ENV=$PROJECT_NAME
-RUN groupadd dotnet && \
- useradd dotnet -g dotnet --home /home/dotnet
+RUN groupadd -g 1000 dotnet && \
+ useradd -u 1000 dotnet -g dotnet --home /home/dotnet
USER dotnet
WORKDIR /home/dotnet/app
ENV ASPNETCORE_URLS=http://+:9999
-COPY --from=build-env /app/obj/Docker/publish .
+COPY --from=build-env --chown=dotnet:dotnet /app/obj/Docker/publish .
ENTRYPOINT dotnet $PROJECT_NAME_ENV.dll
\ No newline at end of file
diff --git a/init-container/Dockerfile b/init-container/Dockerfile
index bf011c52..7c016d0a 100644
--- a/init-container/Dockerfile
+++ b/init-container/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:10-alpine
+FROM node:14.18.3-alpine3.14
RUN mkdir /home/node/app
# Create app directory
diff --git a/site/content/docs/user/CHANGELOG.md b/site/content/docs/user/CHANGELOG.md
index c1e8f2a8..8f95a6ce 100644
--- a/site/content/docs/user/CHANGELOG.md
+++ b/site/content/docs/user/CHANGELOG.md
@@ -6,46 +6,57 @@ menu:
identifier: "changelog"
weight: 6
---
+
# Changelog
+## kamus-0.9.0.8 (18/03/2022)
+
+#### chore :
+
+- Upgrade base images to address security vulnerabilities
+
## kamus-0.9.0.7 (18/03/2021)
#### feature :
+
- The controller now reconcile all KamusSecrets every 60 seconds (make sure to recreate if any secret is missing)
## kamus-0.9.0.6 (15/02/2021)
#### feature :
+
- Container images moved to ghcr
## kamus-0.9.0.5 (15/02/2021)
#### bug :
+
- Prevent controller restarts every 60 minutes
## kamus-0.9.0.2 (14/02/2021)
#### bug :
+
- Fix crd controller logging
## kamus-0.9.0.1 (14/02/2021)
#### chore :
+
- Remove SSL endpoint since we don't have conversion webhook anymore
## kamus-0.9 (11/02/2021)
#### Breaking :
+
- Kubernetes 1.16 is the minimum required version since KamusSecret CRD moved to `apiextensions.k8s.io/v1`
- v1alpha1 KamusSecret was removed. Please migrate to v1alpha2.
To migrate from v1alpha1 to v1alpha2 all you need to do is:
- * Change the key data to stringData
- * Change the apiVersion to "soluto.com/v1alpha2"
+ - Change the key data to stringData
+ - Change the apiVersion to "soluto.com/v1alpha2"
-
-
## kamus-0.8 (31/08/2020)
#### Breaking Bug Fixes:
@@ -54,14 +65,12 @@ menu:
If you've encrypted secrets using kamus 0.7.0.0 and above, your AWS key aliases were created without prefix, so you have to re-encrypt them in order to use kamus 0.8.0.0 that now uses the cmkPrefix correctly.
-
## kamus-0.7 (07/06/2020)
#### Bug Fixes:
- [**bug**] Decryption doesn't fail when doing from unauthorized service account [#526](https://github.com/Soluto/kamus/issues/526)
-
## kamus-0.6 (19/09/2019)
#### Enhancements:
@@ -74,8 +83,7 @@ menu:
- [**bug**] BUG: init container -n flag required when outputting files format [#270](https://github.com/Soluto/kamus/issues/270)
- [**bug**] GCP KMS support is broken since version 0.4.4.0 [#251](https://github.com/Soluto/kamus/issues/251)
-The released can be used using the latest chart version - 0.4.0
----
+## The released can be used using the latest chart version - 0.4.0
## kamus-0.5 (30/06/2019)
@@ -94,7 +102,7 @@ The released can be used using the latest chart version - 0.4.0
#### Bug Fixes:
-- [**bug**] type=KamusSecret is NOT working. [#196](https://github.com/Soluto/kamus/issues/196)
+- [**bug**] type=KamusSecret is NOT working. [#196](https://github.com/Soluto/kamus/issues/196)
- [**bug**] CRD Controller fails to decrypt [#163](https://github.com/Soluto/kamus/issues/163)
- [**bug**] getting error when trying to encrypt with awskms [#142](https://github.com/Soluto/kamus/issues/142)
- [**bug**] Failed to run the example when Kamus is not running in the default namespace [#132](https://github.com/Soluto/kamus/issues/132)
@@ -137,6 +145,7 @@ Available on chart version 0.1.7
---
## kamus-0.1 (17/01/2019)
+
- [**enhancement**][**good first issue**][**help wanted**] Make CLI arguments order invariant [#77](https://github.com/Soluto/kamus/issues/77)
- [**enhancement**] Move to versioned docker images [#74](https://github.com/Soluto/kamus/issues/74)
- [**enhancement**][**help wanted**] Add support for GCP KMS [#61](https://github.com/Soluto/kamus/issues/61)
diff --git a/src/crd-controller/crd-controller.csproj b/src/crd-controller/crd-controller.csproj
index df194490..05c6e25f 100644
--- a/src/crd-controller/crd-controller.csproj
+++ b/src/crd-controller/crd-controller.csproj
@@ -7,7 +7,7 @@
- 0.9.0.7
+ 0.9.0.8
diff --git a/src/decrypt-api/decrypt-api.csproj b/src/decrypt-api/decrypt-api.csproj
index 9d81760a..aa2ae7c7 100644
--- a/src/decrypt-api/decrypt-api.csproj
+++ b/src/decrypt-api/decrypt-api.csproj
@@ -3,7 +3,7 @@
netcoreapp3.1
- 0.9.0.7
+ 0.9.0.8
diff --git a/src/encrypt-api/encrypt-api.csproj b/src/encrypt-api/encrypt-api.csproj
index 8e1eba6f..e789e663 100644
--- a/src/encrypt-api/encrypt-api.csproj
+++ b/src/encrypt-api/encrypt-api.csproj
@@ -3,7 +3,7 @@
netcoreapp3.1
- 0.9.0.7
+ 0.9.0.8