feat: Loading the CA trusted store certificate into Feast to verify the public certificate. #4852

lokeshrangineni · 2024-12-14T08:20:00Z

What this PR does / why we need it:

This PR should be able to load the CA trust store to validate the TLS public certificates.

Which issue(s) this PR fixes:

4857

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

…ide rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

…st store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

…e PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

…integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

docs/how-to-guides/starting-feast-servers-tls-mode.md

sdk/python/feast/infra/registry/remote.py

sdk/python/feast/ssl_ca_trust_store_setup.py

franciscojavierarceo

some minor nits for future readers

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

…he public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

* feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (feast-dev#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (feast-dev#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

* Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#6) * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#7) * feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (feast-dev#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (feast-dev#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com>

* Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#6) * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#7) * feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (feast-dev#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (feast-dev#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating aws java sdk libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com>

* Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#6) * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (#7) * feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating aws java sdk libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com>

…he public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

* Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (feast-dev#6) * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (feast-dev#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (feast-dev#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (feast-dev#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Feature/lrangine master (feast-dev#7) * feat: Loading the CA trusted store certificate into Feast to verify the public certificate. (feast-dev#4852) * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Initial Draft version to load the CA trusted store code. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the lint error. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Trying to fix the online store test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Formatted the python to fix lint errors. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Fixing the unit test cases. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * removing unnecessary cli args. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Now configuring the SSL ca store configurations on the feast client side rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Renamed the remote registry is_tls_mode variable to is_tls. Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding the existing trust store certificates to the newly created trust store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Clearing the existing trust store configuration to see if it fixes the PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * combining the default system ca store with the custom one to fix the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Final clean up and adding documentation. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Incorporating the code review comments from Francisco. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Updated python-helm-demo example to use MinIO instead of GS (feast-dev#4691) * Updated python-helm-demo example to use MinIO instead of GS Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Update examples/python-helm-demo/README.md Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * Adding explicit wait to container to validate CI failures Signed-off-by: Daniele Martinoli <dmartino@redhat.com> * restored original conftest Signed-off-by: Daniele Martinoli <dmartino@redhat.com> --------- Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: Fixing some of the warnings with the github actions (feast-dev#4763) Fixing some of the warnings with the github actions, most of them related to deprecated actions or libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Update README.md Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Snyk scan vulnerability fixes. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Reverting the grpc version so hoping that it will fix the java integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Upgrading the grpc version as it didn't fix the problem Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 2 vulnerabilities (feast-dev#3) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the requirements files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (feast-dev#4) * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * [Snyk] Fix for 1 vulnerabilities (feast-dev#5) Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * chore: Update quickstart.md * fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228 - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772 - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898 - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327 - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957 - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284 - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047 * fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-TRIM-1017038 Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * fix: java/pom.xml to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356 --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * trying to fix some vulnerabilities in the requirements.txt files. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating the lettuce-core to fix the snyk vulnerability. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * updating netty library Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Updating aws java sdk libraries. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> * Adding verbose logs to debug the sudden failure of tests without any error messages. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> --------- Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com> Signed-off-by: Daniele Martinoli <dmartino@redhat.com> Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com> Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Daniele Martinoli <86618610+dmartinol@users.noreply.github.com> Co-authored-by: Francisco Arceo <farceo@redhat.com>

# [0.43.0](v0.42.0...v0.43.0) (2025-01-20) ### Bug Fixes * Add k8s module to feature-server image ([#4839](#4839)) ([f565565](f565565)) * Adding input to workflow ([e3e8c97](e3e8c97)) * Change image push to use --all-tags option ([#4926](#4926)) ([02458fd](02458fd)) * Fix integration build/push for images ([#4923](#4923)) ([695e49b](695e49b)) * Fix integration operator push ([#4924](#4924)) ([13c7267](13c7267)) * Fix release.yml ([#4845](#4845)) ([b4768a8](b4768a8)) * Fixing some of the warnings with the github actions ([#4763](#4763)) ([1119439](1119439)) * Improve status.applied updates & add offline pvc unit test ([#4871](#4871)) ([3f49517](3f49517)) * Made fixes to Go Operator DB persistence ([#4830](#4830)) ([cdc0753](cdc0753)) * Make transformation_service_endpoint configuration optional ([#4880](#4880)) ([c62377b](c62377b)) * Move pre-release image builds to quay.io, retire gcr.io pushes ([#4922](#4922)) ([40b975b](40b975b)) * Performance regression in /get-online-features ([#4892](#4892)) ([0db56a2](0db56a2)) * Refactor Operator to deploy all feast services to the same Deployment/Pod ([#4863](#4863)) ([88854dd](88854dd)) * Remove unnecessary google cloud steps & upgrade docker action versions ([#4925](#4925)) ([32aaf9a](32aaf9a)) * Remove verifyClient TLS offlineStore option from the Operator ([#4847](#4847)) ([79fa247](79fa247)) * Resolving syntax error while querying a feature view with column name starting with a number and BigQuery as data source ([#4908](#4908)) ([d3495a0](d3495a0)) * Updated python-helm-demo example to use MinIO instead of GS ([#4691](#4691)) ([31afd99](31afd99)) ### Features * Add date field support to spark ([#4913](#4913)) ([a8aeb79](a8aeb79)) * Add date support when converting from python to feast types ([#4918](#4918)) ([bd9f071](bd9f071)) * Add duckdb extra to multicloud release image ([#4862](#4862)) ([b539eba](b539eba)) * Add milvus package to release image & option to Operator ([#4870](#4870)) ([ef724b6](ef724b6)) * Add Milvus Vector Database Implementation ([#4751](#4751)) ([22c7b58](22c7b58)) * Add online/offline replica support ([#4812](#4812)) ([b97da6c](b97da6c)) * Added pvc accessModes support ([#4851](#4851)) ([a73514c](a73514c)) * Adding EnvFrom support for the OptionalConfigs type to the Go Operator ([#4909](#4909)) ([e01e510](e01e510)) * Adding Feature Server to components docs ([#4868](#4868)) ([f95e54b](f95e54b)) * Adding features field to retrieve_online_features to return mor… ([#4869](#4869)) ([7df287e](7df287e)) * Adding packages for Milvus Online Store ([#4854](#4854)) ([49171bd](49171bd)) * Adding vector_search parameter to fields ([#4855](#4855)) ([739eaa7](739eaa7)) * Feast Operator support log level configuration for services ([#4808](#4808)) ([19424bc](19424bc)) * Go Operator - Parsing the output to go structs ([#4832](#4832)) ([732865f](732865f)) * Implement `date_partition_column` for `SparkSource` ([#4844](#4844)) ([c5ffa03](c5ffa03)) * Loading the CA trusted store certificate into Feast to verify the public certificate. ([#4852](#4852)) ([132ce2a](132ce2a)) * Operator E2E test to validate FeatureStore custom resource using remote registry ([#4822](#4822)) ([d558ef7](d558ef7)) * Operator improvements ([#4928](#4928)) ([7a1f4dd](7a1f4dd)) * Removing the tls_verify_client flag from feast cli for offline server. ([#4842](#4842)) ([8320e23](8320e23)) * Separating the RBAC and Remote related integration tests. ([#4905](#4905)) ([76e1e21](76e1e21)) * Snyk vulnerability issues fix. ([#4867](#4867)) ([dbc9207](dbc9207)), closes [#6](#6) [#3](#3) [#4](#4) * Use ASOF JOIN in Snowflake offline store query ([#4850](#4850)) ([8f591a2](8f591a2)) ### Reverts * Revert "chore: Add Milvus to pr_integration_tests.yml" ([#4900](#4900)) ([07958f7](07958f7)), closes [#4891](#4891)

# [0.43.0](feast-dev/feast@v0.42.0...v0.43.0) (2025-01-20) ### Bug Fixes * Add k8s module to feature-server image ([feast-dev#4839](feast-dev#4839)) ([f565565](feast-dev@f565565)) * Adding input to workflow ([e3e8c97](feast-dev@e3e8c97)) * Change image push to use --all-tags option ([feast-dev#4926](feast-dev#4926)) ([02458fd](feast-dev@02458fd)) * Fix integration build/push for images ([feast-dev#4923](feast-dev#4923)) ([695e49b](feast-dev@695e49b)) * Fix integration operator push ([feast-dev#4924](feast-dev#4924)) ([13c7267](feast-dev@13c7267)) * Fix release.yml ([feast-dev#4845](feast-dev#4845)) ([b4768a8](feast-dev@b4768a8)) * Fixing some of the warnings with the github actions ([feast-dev#4763](feast-dev#4763)) ([1119439](feast-dev@1119439)) * Improve status.applied updates & add offline pvc unit test ([feast-dev#4871](feast-dev#4871)) ([3f49517](feast-dev@3f49517)) * Made fixes to Go Operator DB persistence ([feast-dev#4830](feast-dev#4830)) ([cdc0753](feast-dev@cdc0753)) * Make transformation_service_endpoint configuration optional ([feast-dev#4880](feast-dev#4880)) ([c62377b](feast-dev@c62377b)) * Move pre-release image builds to quay.io, retire gcr.io pushes ([feast-dev#4922](feast-dev#4922)) ([40b975b](feast-dev@40b975b)) * Performance regression in /get-online-features ([feast-dev#4892](feast-dev#4892)) ([0db56a2](feast-dev@0db56a2)) * Refactor Operator to deploy all feast services to the same Deployment/Pod ([feast-dev#4863](feast-dev#4863)) ([88854dd](feast-dev@88854dd)) * Remove unnecessary google cloud steps & upgrade docker action versions ([feast-dev#4925](feast-dev#4925)) ([32aaf9a](feast-dev@32aaf9a)) * Remove verifyClient TLS offlineStore option from the Operator ([feast-dev#4847](feast-dev#4847)) ([79fa247](feast-dev@79fa247)) * Resolving syntax error while querying a feature view with column name starting with a number and BigQuery as data source ([feast-dev#4908](feast-dev#4908)) ([d3495a0](feast-dev@d3495a0)) * Updated python-helm-demo example to use MinIO instead of GS ([feast-dev#4691](feast-dev#4691)) ([31afd99](feast-dev@31afd99)) ### Features * Add date field support to spark ([feast-dev#4913](feast-dev#4913)) ([a8aeb79](feast-dev@a8aeb79)) * Add date support when converting from python to feast types ([feast-dev#4918](feast-dev#4918)) ([bd9f071](feast-dev@bd9f071)) * Add duckdb extra to multicloud release image ([feast-dev#4862](feast-dev#4862)) ([b539eba](feast-dev@b539eba)) * Add milvus package to release image & option to Operator ([feast-dev#4870](feast-dev#4870)) ([ef724b6](feast-dev@ef724b6)) * Add Milvus Vector Database Implementation ([feast-dev#4751](feast-dev#4751)) ([22c7b58](feast-dev@22c7b58)) * Add online/offline replica support ([feast-dev#4812](feast-dev#4812)) ([b97da6c](feast-dev@b97da6c)) * Added pvc accessModes support ([feast-dev#4851](feast-dev#4851)) ([a73514c](feast-dev@a73514c)) * Adding EnvFrom support for the OptionalConfigs type to the Go Operator ([feast-dev#4909](feast-dev#4909)) ([e01e510](feast-dev@e01e510)) * Adding Feature Server to components docs ([feast-dev#4868](feast-dev#4868)) ([f95e54b](feast-dev@f95e54b)) * Adding features field to retrieve_online_features to return mor… ([feast-dev#4869](feast-dev#4869)) ([7df287e](feast-dev@7df287e)) * Adding packages for Milvus Online Store ([feast-dev#4854](feast-dev#4854)) ([49171bd](feast-dev@49171bd)) * Adding vector_search parameter to fields ([feast-dev#4855](feast-dev#4855)) ([739eaa7](feast-dev@739eaa7)) * Feast Operator support log level configuration for services ([feast-dev#4808](feast-dev#4808)) ([19424bc](feast-dev@19424bc)) * Go Operator - Parsing the output to go structs ([feast-dev#4832](feast-dev#4832)) ([732865f](feast-dev@732865f)) * Implement `date_partition_column` for `SparkSource` ([feast-dev#4844](feast-dev#4844)) ([c5ffa03](feast-dev@c5ffa03)) * Loading the CA trusted store certificate into Feast to verify the public certificate. ([feast-dev#4852](feast-dev#4852)) ([132ce2a](feast-dev@132ce2a)) * Operator E2E test to validate FeatureStore custom resource using remote registry ([feast-dev#4822](feast-dev#4822)) ([d558ef7](feast-dev@d558ef7)) * Operator improvements ([feast-dev#4928](feast-dev#4928)) ([7a1f4dd](feast-dev@7a1f4dd)) * Removing the tls_verify_client flag from feast cli for offline server. ([feast-dev#4842](feast-dev#4842)) ([8320e23](feast-dev@8320e23)) * Separating the RBAC and Remote related integration tests. ([feast-dev#4905](feast-dev#4905)) ([76e1e21](feast-dev@76e1e21)) * Snyk vulnerability issues fix. ([feast-dev#4867](feast-dev#4867)) ([dbc9207](feast-dev@dbc9207)), closes [#6](feast-dev#6) [#3](feast-dev#3) [#4](feast-dev#4) * Use ASOF JOIN in Snowflake offline store query ([feast-dev#4850](feast-dev#4850)) ([8f591a2](feast-dev@8f591a2)) ### Reverts * Revert "chore: Add Milvus to pr_integration_tests.yml" ([feast-dev#4900](feast-dev#4900)) ([07958f7](feast-dev@07958f7)), closes [feast-dev#4891](feast-dev#4891)

Initial Draft version to load the CA trusted store code.

f11ce84

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

lokeshrangineni self-assigned this Dec 14, 2024

lokeshrangineni added the ok-to-test label Dec 14, 2024

lokeshrangineni changed the title ~~Initial Draft version to load the CA trusted store code.~~ Feat: Initial Draft version to load the CA trusted store. Dec 14, 2024

lokeshrangineni changed the title ~~Feat: Initial Draft version to load the CA trusted store.~~ feat: Initial Draft version to load the CA trusted store. Dec 14, 2024

lokeshrangineni added 16 commits December 14, 2024 03:24

Initial Draft version to load the CA trusted store code.

cc40246

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Fixing the lint error.

eda6900

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Trying to fix the online store test cases.

abf4c7e

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Merge branch 'master' into feature/adding-ca-store-support

d497a9c

Formatted the python to fix lint errors.

767f241

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Fixing the unit test cases.

436f0db

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Fixing the unit test cases.

1d64ebb

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

removing unnecessary cli args.

9540e7e

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Now configuring the SSL ca store configurations on the feast client s…

fff05f4

…ide rather than on the server side. And also fixing the integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Renamed the remote registry is_tls_mode variable to is_tls.

36859bf

Changed the offline store TLS setting decision from cert to scheme. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Adding the existing trust store certificates to the newly created tru…

9b6f8e5

…st store. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Clearing the existing trust store configuration to see if it fixes th…

4a5de3b

…e PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Clearing the existing trust store configuration to see if it fixes th…

a6d3420

…e PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Clearing the existing trust store configuration to see if it fixes th…

706e9b4

…e PR integration failures. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

combining the default system ca store with the custom one to fix the …

4970151

…integration tests. Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

Final clean up and adding documentation.

f9aea9a

Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

lokeshrangineni marked this pull request as ready for review December 18, 2024 01:15

lokeshrangineni requested a review from a team as a code owner December 18, 2024 01:15

lokeshrangineni changed the title ~~feat: Initial Draft version to load the CA trusted store.~~ feat: Loading the CA trusted store certificate into Feast to verify the public certificate. Dec 18, 2024