Skip to content

Commit 0322df9

Browse files
YCShen1010YCShen1010
committed
remove xargs vulnerability
Signed-off-by: YuChen <[email protected]>
1 parent 5cdfd7a commit 0322df9

File tree

1 file changed

+8
-7
lines changed

1 file changed

+8
-7
lines changed

velero/schedule/common-service-db/cs-db-br-script-cm-4.6.10.4.11.yaml

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -131,26 +131,27 @@ data:
131131
CLUSTER_DOMAIN=$(oc get cm ibmcloud-cluster-info -n $CSDB_NAMESPACE -o jsonpath='{.data.cluster_address}' 2>/dev/null || echo "")
132132
133133
if [[ -z $CLUSTER_DOMAIN ]]; then
134-
error "Could not determine cluster domain from ibmcloud-cluster-info configmap. Please update IDP configuration manually."
134+
error "Could not determine cluster domain from ibmcloud-cluster-info configmap. Please update IDP configuration manually."
135135
return 1
136136
fi
137137
138-
info "Detected cluster domain: $CLUSTER_DOMAIN"
138+
info "Detected cluster domain: $CLUSTER_DOMAIN"
139139
140140
NEW_IDP_URL="https://${CLUSTER_DOMAIN}/idprovider/v1/auth"
141141
142-
info "Target IDP URL: $NEW_IDP_URL"
142+
info "🎯 Target IDP URL: $NEW_IDP_URL"
143143
144144
# Check if account_iam database exists
145145
ACCOUNT_IAM_EXISTS=$(oc -n $CSDB_NAMESPACE exec -t $CNPG_PRIMARY_POD -c postgres -- psql -U postgres -c "\list" | grep "account_iam" || echo False)
146146
147147
if [[ $ACCOUNT_IAM_EXISTS != "False" ]]; then
148148
# Check current IDP configuration
149-
CURRENT_IDP=$(oc -n $CSDB_NAMESPACE exec -t $CNPG_PRIMARY_POD -c postgres -- psql -U postgres -d account_iam -t -c "SELECT DISTINCT idp FROM accountiam.idp_config WHERE idp LIKE '%/idprovider/v1/%' LIMIT 1;" | xargs || echo "")
149+
CURRENT_IDP=$(oc -n $CSDB_NAMESPACE exec -t $CNPG_PRIMARY_POD -c postgres -- psql -U postgres -d account_iam -t -c "SELECT TRIM(idp) FROM accountiam.idp_config WHERE idp LIKE '%/idprovider/v1/%' LIMIT 1;" 2>/dev/null | head -n1 | tr -d '\r\n' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' || echo "")
150+
info "🌐 Current IDP URL: $CURRENT_IDP"
151+
echo ""
150152
151153
if [[ -n $CURRENT_IDP ]] && [[ $CURRENT_IDP != $NEW_IDP_URL ]]; then
152-
info "Current IDP URL: $CURRENT_IDP"
153-
info "Updating IDP configuration..."
154+
info "🔄 Updating IDP configuration..."
154155
155156
oc -n $CSDB_NAMESPACE exec -t $CNPG_PRIMARY_POD -c postgres -- psql -U postgres -d account_iam -c "
156157
UPDATE accountiam.idp_config
@@ -168,7 +169,7 @@ data:
168169
169170
success "IDP configuration updated successfully in account_iam database."
170171
elif [[ $CURRENT_IDP == $NEW_IDP_URL ]]; then
171-
info "IDP configuration already matches target URL, no update needed."
172+
info "IDP configuration already matches target URL, no update needed."
172173
else
173174
info "No IDP configuration found in database, skipping update."
174175
fi

0 commit comments

Comments
 (0)