diff --git a/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml b/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml index cd1860ae66..156b06b451 100644 --- a/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml +++ b/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml @@ -185,8 +185,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef diff --git a/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml b/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml index 9b798c88fe..fef81bee81 100644 --- a/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml +++ b/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml @@ -168,7 +168,7 @@ metadata: ] capabilities: Full Lifecycle categories: Database - createdAt: "2024-05-09T16:42:27Z" + createdAt: "2024-06-10T11:59:18Z" description: The MongoDB Atlas Kubernetes Operator enables easy management of Clusters in MongoDB Atlas features.operators.openshift.io/disconnected: "false" features.operators.openshift.io/fips-compliant: "false" @@ -179,12 +179,12 @@ metadata: features.operators.openshift.io/token-auth-gcp: "false" operators.operatorframework.io/builder: operator-sdk-v1.34.1 operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 - containerImage: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + containerImage: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 labels: operatorframework.io/arch.amd64: supported operatorframework.io/arch.arm64: supported operatorframework.io/os.linux: supported - name: mongodb-atlas-kubernetes.v2.3.0 + name: mongodb-atlas-kubernetes.v2.3.1 namespace: placeholder spec: apiservicedefinitions: {} @@ -562,7 +562,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.annotations['olm.targetNamespaces'] - image: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 imagePullPolicy: Always livenessProbe: httpGet: @@ -646,5 +646,5 @@ spec: maturity: beta provider: name: MongoDB, Inc - version: 2.3.0 - replaces: mongodb-atlas-kubernetes.v2.2.2 + version: 2.3.1 + replaces: mongodb-atlas-kubernetes.v2.3.0 diff --git a/deploy/all-in-one.yaml b/deploy/all-in-one.yaml index f4a79549f6..ed8a30dc62 100644 --- a/deploy/all-in-one.yaml +++ b/deploy/all-in-one.yaml @@ -560,8 +560,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef @@ -4862,7 +4867,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/deploy/clusterwide/clusterwide-config.yaml b/deploy/clusterwide/clusterwide-config.yaml index 0c9645e5b2..7988908a2e 100644 --- a/deploy/clusterwide/clusterwide-config.yaml +++ b/deploy/clusterwide/clusterwide-config.yaml @@ -386,7 +386,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/deploy/clusterwide/crds.yaml b/deploy/clusterwide/crds.yaml index aeeadc50b8..ce4110235f 100644 --- a/deploy/clusterwide/crds.yaml +++ b/deploy/clusterwide/crds.yaml @@ -539,8 +539,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef diff --git a/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml b/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml index f1df6a2ab3..4058537375 100644 --- a/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml +++ b/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml @@ -181,8 +181,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef diff --git a/deploy/namespaced/crds.yaml b/deploy/namespaced/crds.yaml index aeeadc50b8..ce4110235f 100644 --- a/deploy/namespaced/crds.yaml +++ b/deploy/namespaced/crds.yaml @@ -539,8 +539,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef diff --git a/deploy/namespaced/namespaced-config.yaml b/deploy/namespaced/namespaced-config.yaml index 6eb064d463..bb0c8a7295 100644 --- a/deploy/namespaced/namespaced-config.yaml +++ b/deploy/namespaced/namespaced-config.yaml @@ -392,7 +392,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/deploy/openshift/crds.yaml b/deploy/openshift/crds.yaml index aeeadc50b8..ce4110235f 100644 --- a/deploy/openshift/crds.yaml +++ b/deploy/openshift/crds.yaml @@ -539,8 +539,13 @@ spec: maxLength: 1024 type: string x509Type: + default: NONE description: X509Type is X.509 method by which the database authenticates the provided username + enum: + - NONE + - MANAGED + - CUSTOMER type: string required: - projectRef diff --git a/deploy/openshift/openshift.yaml b/deploy/openshift/openshift.yaml index 8a9c031ca7..88148d60d3 100644 --- a/deploy/openshift/openshift.yaml +++ b/deploy/openshift/openshift.yaml @@ -391,7 +391,7 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: mongodb/mongodb-atlas-kubernetes-operator:2.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:2.3.1 imagePullPolicy: Always livenessProbe: httpGet: diff --git a/docs/releases/v2.3.1/sdlc-compliance.md b/docs/releases/v2.3.1/sdlc-compliance.md new file mode 100644 index 0000000000..2d5e795413 --- /dev/null +++ b/docs/releases/v2.3.1/sdlc-compliance.md @@ -0,0 +1,46 @@ +SSDLC Compliance Report: Atlas Kubernetes Operator Manager v2.3.1 +================================================================= + +- Release Creators: jose.vazquez@mongodb.com +- Created On: 2024-06-10 + +Overview: + +- **Product and Release Name** + + - Atlas Kubernetes Operator v2.3.1, 2024-06-10. + +- **Process Document** + - http://go/how-we-develop-software-doc + +- **Tool used to track third party vulnerabilities** + - [Silk](https://www.silk.security/) + +- **Dependency Information** + - See SBOMS Lite manifests (CycloneDX in JSON format) for `Intel` and `ARM` are to be found [here](.) + - See [instructions on how the SBOMs are generated or how to generate them manually](../../dev/image-sboms.md) + - [Internal compliance folder](https://drive.google.com/drive/folders/1k0TsPgJcMwgj2muSPHU0FHHBjPT0dkS0?usp=drive_link) + +- **Static Analysis Report** + - No SAST findings. Our CI system blocks merges on any SAST findings. + - No vulnerabilities were ignored for this release. + +- **Release Signature Report** + - Image signatures enforced by CI pipeline. + - See [Signature verification instructions here](../../dev/signed-images.md) + - Self-verification shortcut: + ```shell + make verify IMG=mongodb/mongodb-atlas-kubernetes-operator:2.3.1 SIGNATURE_REPO=mongodb/signatures + ``` + +- **Security Testing Report** + - Available as needed from Cloud Security. + +- **Security Assessment Report** + - Available as needed from Cloud Security. + +Assumptions and attestations: + +- Internal processes are used to ensure CVEs are identified and mitigated within SLAs. + +- All Operator images are signed by MongoDB, with signatures stored at `docker.io/mongodb/signatures`.