Ensure SERVER_ADDR includes scheme on re-download manifestFix server addr #5213
Signed-off-by: UJESH2K <[email protected]>
Hi 👋, I’ve updated the Go version in the GraphQL server Dockerfile to 1.24.6 to fix the critical vulnerabilities flagged by Trivy in the previous workflow run. This PR now requires workflow approval to run the CI checks (Docker builds, Trivy scan, and unit tests). Once approved, all checks should pass. Thanks for reviewing! 🙏
…addr (litmuschaos#5213) * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> --------- Signed-off-by: UJESH2K <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Co-authored-by: Vedant Shrotria <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]>
* fix[5200]: Namespace Compromise via hostPID (#5201) * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution (#5203) * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: [5167]: updated probe fetching logic in a fault (#5199) * feat: [5167]: updated probe fetching logic in a fault Signed-off-by: Amit Kumar Das <[email protected]> * feat: [5167]: fixed go fmt Signed-off-by: Amit Kumar Das <[email protected]> --------- Signed-off-by: Amit Kumar Das <[email protected]> Co-authored-by: Shubham Chaudhary <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Update Polices (#5186) * update: governance Signed-off-by: PriteshKiri <[email protected]> * update: code of conduct Signed-off-by: PriteshKiri <[email protected]> * update: contribution guide Signed-off-by: PriteshKiri <[email protected]> * chore: updated community meetings content in Readme Signed-off-by: PriteshKiri <[email protected]> * fix: community meeting form link Signed-off-by: PriteshKiri <[email protected]> 
--------- Signed-off-by: PriteshKiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Removes hardcoded namespaces for K8s manifests (#5223) Signed-off-by: Bartlomiej Gmerek <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Ensure SERVER_ADDR includes scheme on re-download manifestFix server addr (#5213) * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> --------- Signed-off-by: UJESH2K <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Co-authored-by: Vedant Shrotria <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: resolve missing experiment pod logs issue (#5207) Fixed missing experiment pod logs by updating relevant entities and components. Updated workflowRun entity, CustomStepLog controller, and ExperimentRunDetailsPanel to properly handle and display experiment pod logs. 
Signed-off-by: Harshit Panchbhai <[email protected]> Co-authored-by: Amit Kumar Das <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Added fixes (#5227) Co-authored-by: git <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * chore(3.22.0): Add the installation manifest for 3.22.0 version (#5229) Signed-off-by: Shubham Chaudhary <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Fixed conversion issues and added formatting improvements Signed-off-by: UJESH KUMAR YADAV <[email protected]> * changed all go version to 1.24.0 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Delete test-chaoscenter-mods.ps1 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Delete test-chaoscenter-mods.ps1 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Update Dockerfile Signed-off-by: UJESH KUMAR YADAV <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> Signed-off-by: Amit Kumar Das <[email protected]> Signed-off-by: PriteshKiri <[email protected]> Signed-off-by: Bartlomiej Gmerek <[email protected]> Signed-off-by: UJESH2K <[email protected]> Signed-off-by: Harshit Panchbhai <[email protected]> Signed-off-by: Shubham Chaudhary <[email protected]> Co-authored-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Co-authored-by: Amit Kumar Das <[email protected]> Co-authored-by: Shubham Chaudhary <[email protected]> Co-authored-by: Bartlomiej Gmerek <[email protected]> Co-authored-by: Vedant Shrotria <[email protected]> Co-authored-by: harshit12339 <[email protected]> Co-authored-by: git <[email protected]>
…schaos#5236) * fix[5200]: Namespace Compromise via hostPID (litmuschaos#5201) * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution (litmuschaos#5203) * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: hostPID set to false Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> * fix: Potential Denial of Service via unrestricted CPU/memory and root user execution Signed-off-by: zyue110026 <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: [5167]: updated probe fetching logic in a fault (litmuschaos#5199) * feat: [5167]: updated probe fetching logic in a fault Signed-off-by: Amit Kumar Das <[email protected]> * feat: [5167]: fixed go fmt Signed-off-by: Amit Kumar Das <[email protected]> --------- Signed-off-by: Amit Kumar Das <[email protected]> Co-authored-by: Shubham Chaudhary <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Update Polices (litmuschaos#5186) * update: governance Signed-off-by: PriteshKiri <[email protected]> * update: code of conduct Signed-off-by: PriteshKiri <[email protected]> * update: contribution guide Signed-off-by: PriteshKiri <[email protected]> * chore: updated community meetings content in Readme Signed-off-by: PriteshKiri <[email protected]> * fix: community 
meeting form link Signed-off-by: PriteshKiri <[email protected]> --------- Signed-off-by: PriteshKiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Removes hardcoded namespaces for K8s manifests (litmuschaos#5223) Signed-off-by: Bartlomiej Gmerek <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Ensure SERVER_ADDR includes scheme on re-download manifestFix server addr (litmuschaos#5213) * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> * Ensure SERVER_ADDR includes scheme on re-download manifest Signed-off-by: UJESH2K <[email protected]> --------- Signed-off-by: UJESH2K <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Co-authored-by: Vedant Shrotria <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * fix: resolve missing experiment pod logs issue (litmuschaos#5207) Fixed missing experiment pod logs by updating relevant entities and components. Updated workflowRun entity, CustomStepLog controller, and ExperimentRunDetailsPanel to properly handle and display experiment pod logs. 
Signed-off-by: Harshit Panchbhai <[email protected]> Co-authored-by: Amit Kumar Das <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Added fixes (litmuschaos#5227) Co-authored-by: git <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * chore(3.22.0): Add the installation manifest for 3.22.0 version (litmuschaos#5229) Signed-off-by: Shubham Chaudhary <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Fixed conversion issues and added formatting improvements Signed-off-by: UJESH KUMAR YADAV <[email protected]> * changed all go version to 1.24.0 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Delete test-chaoscenter-mods.ps1 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Delete test-chaoscenter-mods.ps1 Signed-off-by: UJESH KUMAR YADAV <[email protected]> * Update Dockerfile Signed-off-by: UJESH KUMAR YADAV <[email protected]> --------- Signed-off-by: zyue110026 <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]> Signed-off-by: Amit Kumar Das <[email protected]> Signed-off-by: PriteshKiri <[email protected]> Signed-off-by: Bartlomiej Gmerek <[email protected]> Signed-off-by: UJESH2K <[email protected]> Signed-off-by: Harshit Panchbhai <[email protected]> Signed-off-by: Shubham Chaudhary <[email protected]> Co-authored-by: zyue110026 <[email protected]> Co-authored-by: Pritesh Kiri <[email protected]> Co-authored-by: Amit Kumar Das <[email protected]> Co-authored-by: Shubham Chaudhary <[email protected]> Co-authored-by: Bartlomiej Gmerek <[email protected]> Co-authored-by: Vedant Shrotria <[email protected]> Co-authored-by: harshit12339 <[email protected]> Co-authored-by: git <[email protected]> Signed-off-by: UJESH KUMAR YADAV <[email protected]>
This PR resolves an issue where the "Re-Download manifest" feature was generating SERVER_ADDR without a proper scheme (for example, my_domain.dev instead of https://my_domain.dev).
Key updates:
- Modified chaos_infrastructure.resolvers.go to include the scheme in SERVER_ADDR, consistent with service.go.
- Ensures secure WebSocket connections (wss://) when using re-downloaded manifests.
- Prevents failures caused by insecure default connections (ws://).
Issue Reference: #5105
Testing:
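The scheme handling described in this PR, sketched as an added example that is not part of the pull request or the Litmus code base. `parseServerAddr` and `wsEndpoint` are hypothetical names, and defaulting a scheme-less address to `https` is an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// parseServerAddr (hypothetical) returns addr as a URL with an explicit http/https scheme.
func parseServerAddr(addr string) (*url.URL, error) {
	addr = strings.TrimSpace(addr)
	if addr == "" {
		return nil, errors.New("empty server address")
	}
	// Look for "://" directly: url.Parse reads "localhost:9002" as scheme "localhost".
	if !strings.Contains(addr, "://") {
		addr = "https://" + addr // assumption: default to the secure scheme
	}
	u, err := url.Parse(addr)
	if err != nil {
		return nil, err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return nil, fmt.Errorf("unsupported scheme %q", u.Scheme)
	}
	if u.Host == "" {
		return nil, errors.New("missing host")
	}
	return u, nil
}

// wsEndpoint maps the address to its WebSocket form: https -> wss, http -> ws.
func wsEndpoint(serverAddr string) (string, error) {
	u, err := parseServerAddr(serverAddr)
	if err != nil {
		return "", err
	}
	if u.Scheme == "https" {
		u.Scheme = "wss"
	} else {
		u.Scheme = "ws"
	}
	return u.String(), nil
}

func main() {
	fmt.Println(wsEndpoint("my_domain.dev")) // constructed input: the page's example host
}
```

An explicit `http://` address still maps to `ws://`, so a plaintext endpoint stays a deliberate choice in the configuration and no longer results from a missing scheme.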