Thanks Gyula +1 (non-binding)
I tested on two OpenShift clusters: OC 4.20.8 and a FIPS OC 4.18.30. * The helm install went well * Tested port-forward looking at the basic-example-rest UI, looked good. * checksums looked good * GPG signatures looked good * I tried an OLM build and deploy, it looked good. * Tested the basic.yaml, basic-session-deployment-only.yaml, basic-session-job-only.yaml, savepoint-already-exists.yaml The only two things I'm not sure about are: 1. I see there's a new crd: flinkbluegreendeployments, but I'm not sure how to test that. 2. I did a Twistlock scan of the ghcr.io/apache/flink-kubernetes-operator:f504138 image and saw that it had 4 items flagged for the Java 17.0.17 3. https://nvd.nist.gov/vuln/detail/CVE-2026-21945 (Low) 4. https://nvd.nist.gov/vuln/detail/CVE-2026-21932 (High) 5. https://nvd.nist.gov/vuln/detail/CVE-2026-21925 (Low) 6. https://nvd.nist.gov/vuln/detail/CVE-2026-21933 (Medium) 7. 8. and one for the org.apache.logging.log4j_log4j-core 9. https://nvd.nist.gov/vuln/detail/CVE-2025-68161 (Medium) I'm out of practice with Ubuntu and how to update the Java and the log4j, but I can try to look closer tomorrow if you'd like. Thanks, Jim Busche 1. 2.
