Skip to content

Commit

Permalink
docs: DOC-1391 (#4082) (#4084)
Browse files Browse the repository at this point in the history 
* docs: DOC-1391

* docs: updates

* chore: add Carolina's wrkaround

* ci: auto-formatting prettier issues

* docs: Apply suggestions from code review

Co-authored-by: caroldelwing <[email protected]>

* docs: merge master

---------

Co-authored-by: karl-cardenas-coding <[email protected]>
Co-authored-by: caroldelwing <[email protected]>
(cherry picked from commit bd1f5de)

Co-authored-by: Karl Cardenas <[email protected]>
  • Loading branch information
@vault-token-factory-spectrocloud @karl-cardenas-coding
vault-token-factory-spectrocloud[bot] and karl-cardenas-coding authored Sep 25, 2024
1 parent b9269ea commit 79c77c3
Show file tree
Hide file tree
Showing 7 changed files with 10 additions and 11 deletions.
2 changes: 1 addition & 1 deletion docs/docs-content/devx/devx.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ App Mode is available for the following Palette and VerteX platforms.
| -------------------------- | --------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
| Palette SaaS || `v3.0.0` or greater. |
| Self-hosted Palette || `v3.4.0` or greater. |
| Palette Airgap Self-hosted | | `v4.0.0` or greater. |
| Palette Airgap Self-hosted | :warning: | `v4.0.0` or greater. Container deployment based workflows are not supported for airgap environments. |
| VerteX | :warning: | `v4.0.0` or greater. Be aware that App Mode is not FIPS compliant. Container deployment based workflows are not supported for airgap environments. |

## Manage Resources
Expand Down
5 changes: 3 additions & 2 deletions docs/docs-content/release-notes/known-issues.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,9 @@ The following table lists all known issues that are currently active and affecti

| Description | Workaround | Publish Date | Product Component |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ---------------------------- |
| If an Edge host operating a cluster in connected mode loses connection to Palette, the cluster will not auto-renew its Public Key Infrastructure (PKI) certificates. When it re-establishes the connection to Palette, the Edge host will renew the certificates if the existing certificates have less than 30 days before expiry. | No workaround available. | Sep 14, 2024 | Edge |
| Using the Flannel Container Network Interface (CSI) pack together with a Red Hat Enterprise Linux (RHEL)-based provider image may lead to a pod becoming stuck during deployment. This is caused by an upstream issue with Flannel that was discovered in a K3s GitHub issue. Refer to [the K3s issue page](https://github.com/k3s-io/k3s/issues/5013) for more information. | No workaround is available | Sep 14, 2024 | Edge |
| Airgap self-hosted Palette or VerteX instances cannot use the Container service in App Profiles. The required dependency, [DevSpace](https://github.com/devspace-sh/devspace), is unavailable from the Palette pack registry and is downloaded from the Internet at runtime. | Use the manifest service in an [App Profile](../profiles/app-profiles/app-profiles.md) to specify a custom container image. | September 25, 2024 | App Mode |
| If an Edge host operating a cluster in connected mode loses connection to Palette, the cluster will not auto-renew its Public Key Infrastructure (PKI) certificates. When it re-establishes the connection to Palette, the Edge host will renew the certificates if the existing certificates have less than 30 days before expiry. | No workaround available. | September 14, 2024 | Edge |
| Using the Flannel Container Network Interface (CSI) pack together with a Red Hat Enterprise Linux (RHEL)-based provider image may lead to a pod becoming stuck during deployment. This is caused by an upstream issue with Flannel that was discovered in a K3s GitHub issue. Refer to [the K3s issue page](https://github.com/k3s-io/k3s/issues/5013) for more information. | No workaround is available | September 14, 2024 | Edge |
| Palette OVA import operations fail if the VMO cluster is using a storageClass with the volume bind method `WaitForFirstConsumer`. | Refer to the [OVA Imports Fail Due To Storage Class Attribute](../troubleshooting/vmo-issues.md#scenario---ova-imports-fail-due-to-storage-class-attribute) troubleshooting guide for workaround steps. | September 13, 2024 | Palette CLI, VMO |
| Persistent Volume Claims (PVCs) metadata do not use a unique identifier for self-hosted Palette clusters. This causes incorrect Cloud Native Storage (CNS) mappings in vSphere, potentially leading to issues during node operations and cluster upgrades. | Refer to the [Troubleshooting section](../troubleshooting/enterprise-install.md#non-unique-vsphere-cns-mapping) for guidance. | September 13, 2024 | Self-hosted |
| Third-party binaries downloaded and used by the Palette CLI may become stale and incompatible with the CLI. | Refer to the [Incompatible Stale Palette CLI Binaries](../troubleshooting/automation.md#scenario---incompatible-stale-palette-cli-binaries) troubleshooting guide for workaround guidance. | September 11, 2024 | CLI |
Expand Down
3 changes: 1 addition & 2 deletions docs/docs-content/security-bulletins/reports/cve-2015-8855.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,5 +41,4 @@ Ongoing
## Revision History

- 1.0 07/31/2024 Initial Publication
- 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14
-- 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18
- 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14 -- 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18
2 changes: 1 addition & 1 deletion docs/docs-content/security-bulletins/reports/cve-2019-9936.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,4 +41,4 @@ Ongoing

- 1.0 08/16/2024 Initial Publication
- 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products
- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18
4 changes: 2 additions & 2 deletions docs/docs-content/security-bulletins/reports/reports.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ Click on the CVE ID to view the full details of the vulnerability.
| [CVE-2021-39537](./cve-2021-39537.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: MongoDB | [8.8](https://nvd.nist.gov/vuln/detail/CVE-2021-39537) | :mag: Ongoing |
| [CVE-2019-9923](./cve-2019-9923.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9923) | :mag: Ongoing |
| [CVE-2020-36325](./cve-2020-36325.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: Jansson | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2020-36325) | :mag: Ongoing |
| [CVE-2005-2541](./cve-2005-2541.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [10.0](https://nvd.nist.gov/vuln/detail/CVE-2005-2541)| :mag: Ongoing |
| [CVE-2005-2541](./cve-2005-2541.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [10.0](https://nvd.nist.gov/vuln/detail/CVE-2005-2541) | :mag: Ongoing |
| [CVE-2019-9937](./cve-2019-9937.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9937) | :mag: Ongoing |
| [CVE-2019-9936](./cve-2019-9936.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9936) | :mag: Ongoing |
| [CVE-2019-19244](./cve-2019-19244.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-19244) | :mag: Ongoing |
Expand All @@ -78,7 +78,7 @@ Click on the CVE ID to view the full details of the vulnerability.
| [CVE-2024-24790](./cve-2024-24790.md) | 8/6/24 | 8/6/24 | 4.4.11 & 4.4.14 | Third-party component: Go Project | [9.8](https://nvd.nist.gov/vuln/detail/CVE-2024-24790) | :mag: Ongoing |
| [CVE-2023-4156](./cve-2023-4156.md) | 08/16/24 | 08/16/24 | 4.4.14 | Third-party component: MongoDB | [7.1](https://nvd.nist.gov/vuln/detail/CVE-2023-4156) | :mag: Ongoing |
| [CVE-2022-23990](./cve-2022-23990.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2022-23990) | :mag: Ongoing |
| [CVE-2020-35512](./cve-2020-35512.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.8](https://nvd.nist.gov/vuln/detail/CVE-2020-35512) | :mag: Ongoing |
| [CVE-2020-35512](./cve-2020-35512.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.8](https://nvd.nist.gov/vuln/detail/CVE-2020-35512) | :mag: Ongoing |
| [CVE-2012-2663](./cve-2012-2663.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: iPtables | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2012-2663) | :mag: Ongoing |
| [CVE-2019-9192](./cve-2019-9192.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: GNU C Library | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9192) | :mag: Ongoing |
| [CVE-2018-20796](./cve-2018-20796.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: GNU C Library | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2018-20796) | :mag: Ongoing |
Expand Down
Loading

0 comments on commit 79c77c3

Please sign in to comment.