Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: camel-k-1.10
Affects Version/s: camel-k-1.8
Component/s: Camel-K
Labels:
None

Blocked:
False
Ready:
False
Fuse Progress Bar:

% %
Regression Test:
Todo
Git Pull Request:
https://github.com/apache/camel-k-runtime/pull/901, https://github.com/apache/camel-k/pull/3754, https://github.com/apache/camel-k-runtime/pull/964, https://github.com/apache/camel-k/pull/4018

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Clarification:

What does Build From Source mean for Camel K?
Should Camel K comply with Build From Source?

Following artefacts used by jolokia trait aren't productised:

camel-management/camel-quarkus-management
mvn:org.jolokia:jolokia-jvm:jar:1.7.1

https://github.com/apache/camel-k/blob/3cedfa0ddcb840db933d1574a20b46a7dcfab38e/pkg/trait/jolokia.go#L61-L66

CEQ understanding of Build From Source means:

If any supported functionality of a product isn't backed up by redhat built jars, the product doesn't comply with Build From Source.
If you don't use redhat build jars, CVE detection done by ProdSec may not work.

I suspect that this haven't been checked in the past.

relates to

CMLK-101 We claim support for the jolokia trait, but the underpinning deps are not fully productised

Closed

CMLK-1753 Add support for 'jolokia' trait

Closed

Assignee:: Claudio Miranda

Reporter:: Viliam Kasala

Votes:: 0 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2022/08/03 12:46 PM

Updated:: 2024/02/15 2:32 PM

Resolved:: 2023/02/07 10:38 AM