Skip to content

Commit

Permalink
Feature/lrangine master (#7)
Browse files Browse the repository at this point in the history
* feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (#4852)

* Initial Draft version to load the CA trusted store code.

Signed-off-by: lrangine <[email protected]>

* Initial Draft version to load the CA trusted store code.

Signed-off-by: lrangine <[email protected]>

* Fixing the lint error.

Signed-off-by: lrangine <[email protected]>

* Trying to fix the online store test cases.

Signed-off-by: lrangine <[email protected]>

* Formatted the python to fix lint errors.

Signed-off-by: lrangine <[email protected]>

* Fixing the unit test cases.

Signed-off-by: lrangine <[email protected]>

* Fixing the unit test cases.

Signed-off-by: lrangine <[email protected]>

* removing unnecessary cli args.

Signed-off-by: lrangine <[email protected]>

* Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests.

Signed-off-by: lrangine <[email protected]>

* Renamed the remote registry is_tls_mode variable to is_tls.
Changed the offline store TLS setting decision from cert to scheme.

Signed-off-by: lrangine <[email protected]>

* Adding the existing trust store certificates to the newly created trust store.

Signed-off-by: lrangine <[email protected]>

* Clearing the existing trust store configuration to see if it fixes the PR integration failures.

Signed-off-by: lrangine <[email protected]>

* Clearing the existing trust store configuration to see if it fixes the PR integration failures.

Signed-off-by: lrangine <[email protected]>

* Clearing the existing trust store configuration to see if it fixes the PR integration failures.

Signed-off-by: lrangine <[email protected]>

* combining the default system ca store with the custom one to fix the integration tests.

Signed-off-by: lrangine <[email protected]>

* Final clean up and adding documentation.

Signed-off-by: lrangine <[email protected]>

* Incorporating the code review comments from Francisco.

Signed-off-by: lrangine <[email protected]>

---------

Signed-off-by: lrangine <[email protected]>

* fix: Updated python-helm-demo example to use MinIO instead of GS (#4691)

* Updated python-helm-demo example to use MinIO instead of GS

Signed-off-by: Daniele Martinoli <[email protected]>

* Update examples/python-helm-demo/README.md

Co-authored-by: Francisco Arceo <[email protected]>
Signed-off-by: Daniele Martinoli <[email protected]>

* Adding explicit wait to container to validate CI failures

Signed-off-by: Daniele Martinoli <[email protected]>

* restored original conftest

Signed-off-by: Daniele Martinoli <[email protected]>

---------

Signed-off-by: Daniele Martinoli <[email protected]>
Co-authored-by: Francisco Arceo <[email protected]>
Signed-off-by: lrangine <[email protected]>

* fix: Fixing some of the warnings with the github actions (#4763)

Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries.

Signed-off-by: lrangine <[email protected]>

* Update README.md

Signed-off-by: lrangine <[email protected]>

* Snyk scan vulnerability fixes.

Signed-off-by: lrangine <[email protected]>

* Reverting the grpc version so hoping that it will fix the java integration tests.

Signed-off-by: lrangine <[email protected]>

* Upgrading the grpc version as it didn't fix the problem

Signed-off-by: lrangine <[email protected]>

* adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades.

Signed-off-by: lrangine <[email protected]>

* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038

Signed-off-by: lrangine <[email protected]>
Signed-off-by: lrangine <[email protected]>

* [Snyk] Fix for 2 vulnerabilities (#3)

* chore: Update quickstart.md

* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
- https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
- https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
- https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
- https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
- https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047

* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038

Signed-off-by: lrangine <[email protected]>

* fix: java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356

Signed-off-by: lrangine <[email protected]>

* Updating the requirements files.

Signed-off-by: lrangine <[email protected]>

* Updating the requirements files.

Signed-off-by: lrangine <[email protected]>

* Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed.

Signed-off-by: lrangine <[email protected]>

* [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4)

* chore: Update quickstart.md

* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
- https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
- https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
- https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
- https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
- https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047

* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038

Signed-off-by: lrangine <[email protected]>

* fix: java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
Signed-off-by: lrangine <[email protected]>
---------

Signed-off-by: lrangine <[email protected]>
Co-authored-by: Francisco Arceo <[email protected]>
Co-authored-by: snyk-bot <[email protected]>
Signed-off-by: lrangine <[email protected]>

* [Snyk] Fix for 1 vulnerabilities (#5)

Signed-off-by: lrangine <[email protected]>

* chore: Update quickstart.md

* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
- https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
- https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
- https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
- https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
- https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047

* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TRIM-1017038

Signed-off-by: lrangine <[email protected]>

* fix: java/pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356

---------

Signed-off-by: lrangine <[email protected]>
Co-authored-by: Francisco Arceo <[email protected]>
Co-authored-by: snyk-bot <[email protected]>
Signed-off-by: lrangine <[email protected]>

* trying to fix some vulnerabilities in the requirements.txt files.

Signed-off-by: lrangine <[email protected]>

* Updating the lettuce-core to fix the snyk vulnerability.

Signed-off-by: lrangine <[email protected]>

---------

Signed-off-by: lrangine <[email protected]>
Signed-off-by: Daniele Martinoli <[email protected]>
Co-authored-by: Daniele Martinoli <[email protected]>
Co-authored-by: Francisco Arceo <[email protected]>
Co-authored-by: Francisco Arceo <[email protected]>
Co-authored-by: snyk-bot <[email protected]>
Signed-off-by: lrangine <[email protected]>
  • Loading branch information
5 people committed Dec 20, 2024
1 parent 7d9eeea commit 85d41ac
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion java/serving/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -383,7 +383,7 @@
<dependency>
<groupId>io.lettuce</groupId>
<artifactId>lettuce-core</artifactId>
<version>6.0.2.RELEASE</version>
<version>6.5.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
Expand Down

0 comments on commit 85d41ac

Please sign in to comment.