chore: whitelist jaeger image from Artifact Hub security scan

jkowall · jkowall · commit c45c0180c3c3 · 2026-02-01T09:15:21.000Z
The reported CVEs are in the upstream Alpine base image (OpenSSL
libcrypto3/libssl3) and Go stdlib, not in this Helm chart. These will
be resolved when the Jaeger project releases a new image with updated
base packages.

Signed-off-by: jkowall &lt;jkowall@kowall.net&gt;
Signed-off-by: Jonah Kowall &lt;jkowall@kowall.net&gt;
diff --git a/charts/jaeger/Chart.yaml b/charts/jaeger/Chart.yaml
@@ -3,7 +3,17 @@ appVersion: 2.14.1
 description: A Jaeger Helm chart for Kubernetes
 name: jaeger
 type: application
-version: 4.4.3
+version: 4.4.4
+# Artifact Hub annotations
+# The jaeger image is whitelisted from security scanning because the reported
+# CVEs are in the upstream Alpine base image (OpenSSL libcrypto3/libssl3) and
+# Go stdlib, not in this Helm chart. These will be resolved when the Jaeger
+# project releases a new image with updated base packages.
+annotations:
+  artifacthub.io/images: |
+    - name: jaeger
+      image: jaegertracing/jaeger:2.14.1
+      whitelisted: true
 # CronJobs require v1.21
 kubeVersion: ">= 1.21-0"
 keywords:
