Skip to content

Commit 94aa7bf

Browse files
PhBouzidfibu0125
PhBouzid
and
fibu0125
authored
fix: resolve vulnerabilities (#110)
* fix: upgrade alpine upgrade dependencies * fix: upgrade third-parties * fix: upgrade third-parties * fix: resolve linters * fix: resolve linters * fix: rollback logback-core version. * fix: upgrade alpine in backup-daemon, zookeeper, integration-tests, monitoring. --------- Co-authored-by: fibu0125 <filipp.buzid@netcracker.com>
1 parent f7faadf commit 94aa7bf

File tree

4 files changed

+17
-2
lines changed

4 files changed

+17
-2
lines changed

backup-daemon/docker/Dockerfile

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,9 @@ ENV ZOOKEEPER_HOME=/opt/zookeeper \
55

66
ENV PYTHONPATH=/usr/local/lib/python3.7/site-packages/integration_library_builtIn
77

8+
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/main" > /etc/apk/repositories && \
9+
echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/community" >> /etc/apk/repositories
10+
811
COPY backup-daemon.conf /etc/backup-daemon.conf
912
COPY docker/requirements.txt ${ZOOKEEPER_HOME}/requirements.txt
1013
COPY scripts/ ${ZOOKEEPER_HOME}/scripts/

docker-zookeeper/docker/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,7 @@ RUN set -x && apk upgrade --available
159159
RUN echo "https://dl-cdn.alpinelinux.org/alpine/edge/main" > /etc/apk/repositories \
160160
&& echo "https://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
161161
&& apk add --update --no-cache --upgrade \
162-
pcre2
162+
pcre2 curl gnutls libcurl jq
163163

164164
USER 1000:0
165165
WORKDIR ${ZOOKEEPER_HOME}

integration-tests/docker/Dockerfile

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM ghcr.io/netcracker/qubership-docker-integration-tests:main
1+
FROM ghcr.io/netcracker/qubership-docker-integration-tests:0.1.19
22

33
ENV ROBOT_OUTPUT=${ROBOT_HOME}/output \
44
DISTR_DIR=/tmp/deps \
@@ -8,6 +8,9 @@ ENV ROBOT_OUTPUT=${ROBOT_HOME}/output \
88
RUN mkdir -p ${ROBOT_HOME} \
99
&& mkdir -p ${ROBOT_OUTPUT}
1010

11+
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/main" > /etc/apk/repositories && \
12+
echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/community" >> /etc/apk/repositories
13+
1114
COPY docker/requirements.txt ${ROBOT_HOME}/requirements.txt
1215
COPY docker/zookeeper_pods_checker.py ${ROBOT_HOME}/zookeeper_pods_checker.py
1316
COPY robot ${ROBOT_HOME}

monitoring/docker/Dockerfile

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,9 @@ FROM telegraf:1.37-alpine
22

33
ENV ZOOKEEPER_MONITORING_HOME=/opt/zookeeper-monitoring
44

5+
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/main" > /etc/apk/repositories && \
6+
echo "https://dl-cdn.alpinelinux.org/alpine/v3.23/community" >> /etc/apk/repositories
7+
58
RUN mkdir -p ${ZOOKEEPER_MONITORING_HOME}
69

710
COPY docker/config/requirements.txt ${ZOOKEEPER_MONITORING_HOME}/requirements.txt
@@ -27,6 +30,12 @@ RUN python3 -m ensurepip \
2730
# Upgrade all tools to avoid vulnerabilities
2831
RUN set -x && apk upgrade --available
2932

33+
# Upgrade tools from edge to avoid vulnerabilities
34+
RUN echo "https://dl-cdn.alpinelinux.org/alpine/edge/main" > /etc/apk/repositories \
35+
&& echo "https://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories \
36+
&& apk add --update --no-cache --upgrade \
37+
pcre2 curl gnutls libcurl jq
38+
3039
USER 1000:0
3140
WORKDIR ${ZOOKEEPER_MONITORING_HOME}
3241

0 commit comments

Comments
 (0)