From 79c77c3229051132343a9e780db870cd4aef7216 Mon Sep 17 00:00:00 2001 From: "vault-token-factory-spectrocloud[bot]" <133815545+vault-token-factory-spectrocloud[bot]@users.noreply.github.com> Date: Wed, 25 Sep 2024 21:22:00 +0000 Subject: [PATCH] docs: DOC-1391 (#4082) (#4084) * docs: DOC-1391 * docs: updates * chore: add Carolina's wrkaround * ci: auto-formatting prettier issues * docs: Apply suggestions from code review Co-authored-by: caroldelwing * docs: merge master --------- Co-authored-by: karl-cardenas-coding Co-authored-by: caroldelwing (cherry picked from commit bd1f5de0d4645912fb94fd7b8487e955c05d0fff) Co-authored-by: Karl Cardenas <29551334+karl-cardenas-coding@users.noreply.github.com> --- docs/docs-content/devx/devx.md | 2 +- docs/docs-content/release-notes/known-issues.md | 5 +++-- .../docs-content/security-bulletins/reports/cve-2015-8855.md | 3 +-- .../docs-content/security-bulletins/reports/cve-2019-9936.md | 2 +- docs/docs-content/security-bulletins/reports/reports.md | 4 ++-- .../create-manage-vm/advanced-topics/deploy-import-ova.md | 2 +- scripts/compress-convert-images.sh | 3 +-- 7 files changed, 10 insertions(+), 11 deletions(-) diff --git a/docs/docs-content/devx/devx.md b/docs/docs-content/devx/devx.md index c3ce82faca..cac9926e8b 100644 --- a/docs/docs-content/devx/devx.md +++ b/docs/docs-content/devx/devx.md @@ -38,7 +38,7 @@ App Mode is available for the following Palette and VerteX platforms. | -------------------------- | --------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | | Palette SaaS | ✅ | `v3.0.0` or greater. | | Self-hosted Palette | ✅ | `v3.4.0` or greater. | -| Palette Airgap Self-hosted | ✅ | `v4.0.0` or greater. | +| Palette Airgap Self-hosted | :warning: | `v4.0.0` or greater. Container deployment based workflows are not supported for airgap environments. | | VerteX | :warning: | `v4.0.0` or greater. Be aware that App Mode is not FIPS compliant. Container deployment based workflows are not supported for airgap environments. | ## Manage Resources diff --git a/docs/docs-content/release-notes/known-issues.md b/docs/docs-content/release-notes/known-issues.md index 17fd18ded6..7846fe5578 100644 --- a/docs/docs-content/release-notes/known-issues.md +++ b/docs/docs-content/release-notes/known-issues.md @@ -16,8 +16,9 @@ The following table lists all known issues that are currently active and affecti | Description | Workaround | Publish Date | Product Component | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ---------------------------- | -| If an Edge host operating a cluster in connected mode loses connection to Palette, the cluster will not auto-renew its Public Key Infrastructure (PKI) certificates. When it re-establishes the connection to Palette, the Edge host will renew the certificates if the existing certificates have less than 30 days before expiry. | No workaround available. | Sep 14, 2024 | Edge | -| Using the Flannel Container Network Interface (CSI) pack together with a Red Hat Enterprise Linux (RHEL)-based provider image may lead to a pod becoming stuck during deployment. This is caused by an upstream issue with Flannel that was discovered in a K3s GitHub issue. Refer to [the K3s issue page](https://github.com/k3s-io/k3s/issues/5013) for more information. | No workaround is available | Sep 14, 2024 | Edge | +| Airgap self-hosted Palette or VerteX instances cannot use the Container service in App Profiles. The required dependency, [DevSpace](https://github.com/devspace-sh/devspace), is unavailable from the Palette pack registry and is downloaded from the Internet at runtime. | Use the manifest service in an [App Profile](../profiles/app-profiles/app-profiles.md) to specify a custom container image. | September 25, 2024 | App Mode | +| If an Edge host operating a cluster in connected mode loses connection to Palette, the cluster will not auto-renew its Public Key Infrastructure (PKI) certificates. When it re-establishes the connection to Palette, the Edge host will renew the certificates if the existing certificates have less than 30 days before expiry. | No workaround available. | September 14, 2024 | Edge | +| Using the Flannel Container Network Interface (CSI) pack together with a Red Hat Enterprise Linux (RHEL)-based provider image may lead to a pod becoming stuck during deployment. This is caused by an upstream issue with Flannel that was discovered in a K3s GitHub issue. Refer to [the K3s issue page](https://github.com/k3s-io/k3s/issues/5013) for more information. | No workaround is available | September 14, 2024 | Edge | | Palette OVA import operations fail if the VMO cluster is using a storageClass with the volume bind method `WaitForFirstConsumer`. | Refer to the [OVA Imports Fail Due To Storage Class Attribute](../troubleshooting/vmo-issues.md#scenario---ova-imports-fail-due-to-storage-class-attribute) troubleshooting guide for workaround steps. | September 13, 2024 | Palette CLI, VMO | | Persistent Volume Claims (PVCs) metadata do not use a unique identifier for self-hosted Palette clusters. This causes incorrect Cloud Native Storage (CNS) mappings in vSphere, potentially leading to issues during node operations and cluster upgrades. | Refer to the [Troubleshooting section](../troubleshooting/enterprise-install.md#non-unique-vsphere-cns-mapping) for guidance. | September 13, 2024 | Self-hosted | | Third-party binaries downloaded and used by the Palette CLI may become stale and incompatible with the CLI. | Refer to the [Incompatible Stale Palette CLI Binaries](../troubleshooting/automation.md#scenario---incompatible-stale-palette-cli-binaries) troubleshooting guide for workaround guidance. | September 11, 2024 | CLI | diff --git a/docs/docs-content/security-bulletins/reports/cve-2015-8855.md b/docs/docs-content/security-bulletins/reports/cve-2015-8855.md index ec93fafaca..d48172d413 100644 --- a/docs/docs-content/security-bulletins/reports/cve-2015-8855.md +++ b/docs/docs-content/security-bulletins/reports/cve-2015-8855.md @@ -41,5 +41,4 @@ Ongoing ## Revision History - 1.0 07/31/2024 Initial Publication -- 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14 --- 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18 +- 2.0 08/17/2024 Remediated in Palette VerteX 4.4.14 -- 3.0 09/25/2024 Remediated in Palette VerteX 4.4.18 diff --git a/docs/docs-content/security-bulletins/reports/cve-2019-9936.md b/docs/docs-content/security-bulletins/reports/cve-2019-9936.md index 763b565f28..4f735f23cb 100644 --- a/docs/docs-content/security-bulletins/reports/cve-2019-9936.md +++ b/docs/docs-content/security-bulletins/reports/cve-2019-9936.md @@ -41,4 +41,4 @@ Ongoing - 1.0 08/16/2024 Initial Publication - 2.0 08/17/2024 Added Palette VerteX 4.4.14 to Affected Products -- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18 \ No newline at end of file +- 3.0 09/25/2024 CVE remediated in Palette VerteX 4.4.18 diff --git a/docs/docs-content/security-bulletins/reports/reports.md b/docs/docs-content/security-bulletins/reports/reports.md index 40c9e7faaf..3ed9286b62 100644 --- a/docs/docs-content/security-bulletins/reports/reports.md +++ b/docs/docs-content/security-bulletins/reports/reports.md @@ -56,7 +56,7 @@ Click on the CVE ID to view the full details of the vulnerability. | [CVE-2021-39537](./cve-2021-39537.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: MongoDB | [8.8](https://nvd.nist.gov/vuln/detail/CVE-2021-39537) | :mag: Ongoing | | [CVE-2019-9923](./cve-2019-9923.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9923) | :mag: Ongoing | | [CVE-2020-36325](./cve-2020-36325.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: Jansson | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2020-36325) | :mag: Ongoing | -| [CVE-2005-2541](./cve-2005-2541.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [10.0](https://nvd.nist.gov/vuln/detail/CVE-2005-2541)| :mag: Ongoing | +| [CVE-2005-2541](./cve-2005-2541.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [10.0](https://nvd.nist.gov/vuln/detail/CVE-2005-2541) | :mag: Ongoing | | [CVE-2019-9937](./cve-2019-9937.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9937) | :mag: Ongoing | | [CVE-2019-9936](./cve-2019-9936.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9936) | :mag: Ongoing | | [CVE-2019-19244](./cve-2019-19244.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-19244) | :mag: Ongoing | @@ -78,7 +78,7 @@ Click on the CVE ID to view the full details of the vulnerability. | [CVE-2024-24790](./cve-2024-24790.md) | 8/6/24 | 8/6/24 | 4.4.11 & 4.4.14 | Third-party component: Go Project | [9.8](https://nvd.nist.gov/vuln/detail/CVE-2024-24790) | :mag: Ongoing | | [CVE-2023-4156](./cve-2023-4156.md) | 08/16/24 | 08/16/24 | 4.4.14 | Third-party component: MongoDB | [7.1](https://nvd.nist.gov/vuln/detail/CVE-2023-4156) | :mag: Ongoing | | [CVE-2022-23990](./cve-2022-23990.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2022-23990) | :mag: Ongoing | -| [CVE-2020-35512](./cve-2020-35512.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.8](https://nvd.nist.gov/vuln/detail/CVE-2020-35512) | :mag: Ongoing | +| [CVE-2020-35512](./cve-2020-35512.md) | 08/16/24 | 9/25/24 | 4.4.14 | Third-party component: MongoDB | [7.8](https://nvd.nist.gov/vuln/detail/CVE-2020-35512) | :mag: Ongoing | | [CVE-2012-2663](./cve-2012-2663.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: iPtables | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2012-2663) | :mag: Ongoing | | [CVE-2019-9192](./cve-2019-9192.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: GNU C Library | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2019-9192) | :mag: Ongoing | | [CVE-2018-20796](./cve-2018-20796.md) | 08/16/24 | 08/16/24 | 4.4.14 & 4.4.18 | Third-party component: GNU C Library | [7.5](https://nvd.nist.gov/vuln/detail/CVE-2018-20796) | :mag: Ongoing | diff --git a/docs/docs-content/vm-management/create-manage-vm/advanced-topics/deploy-import-ova.md b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/deploy-import-ova.md index 7ff5b96ab1..8afd82ba9e 100644 --- a/docs/docs-content/vm-management/create-manage-vm/advanced-topics/deploy-import-ova.md +++ b/docs/docs-content/vm-management/create-manage-vm/advanced-topics/deploy-import-ova.md @@ -257,7 +257,7 @@ name, for example `cdi-uploadproxy.mycompany.io`, to the Nginx load balancer’s | **Parameter** | **Description** | **Values** | | ------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------- | - | **OVA Path** | The path to the OVA you uploaded to your VM. The path for the example provided is `/root/bitnami-wordpress-6.2.2-r1-debian-11-amd64.ova/`. | | + | **OVA Path** | The path to the OVA you uploaded to your VM. The path for the example provided is `/root/bitnami-wordpress-6.2.2-r1-debian-11-amd64.ova/`. | | | **Container Disk Upload Method** | Indicate whether to upload the image directly to the target cluster as a `DataVolume` or build and push a Docker image. You will need to provide an existing image registry if you select Docker. | `DataVolume` / `Docker Image` | | **Kubeconfig Path** | The path to the kubeconfig file you have uploaded to your VM. | | | **DataVolume Namespace** | The namespace to create your `DataVolume`, if you selected this option previously. | | diff --git a/scripts/compress-convert-images.sh b/scripts/compress-convert-images.sh index 7799606462..7e333ecbdb 100755 --- a/scripts/compress-convert-images.sh +++ b/scripts/compress-convert-images.sh @@ -6,8 +6,7 @@ set -e echo "Checking for files not in WebP format in static/assets/docs/images/ folder..." # Find files that are not in WebP format and are not .DS_STORE files -non_webp_files=$(find static/assets/docs/images/ -type f ! -name "*.webp" -not -name ".DS_STORE") - +non_webp_files=$(find static/assets/docs/images/ -type f ! -name "*.webp" ! -name "*.gif" -not -name ".DS_STORE") # Check if there are any non-WebP files if [[ -n "$non_webp_files" ]]; then echo "Warning: Some files in the folder are not in WebP format."