fix: security fixes per dependabot reports and pin cdk to work around a…

…ws/aws-cdk#30241 in docker deploy
mbari-org · May 17, 2024 · 9b282f6 · 9b282f6
1 parent d2c062d
commit 9b282f6
Show file tree

Hide file tree

Showing 4 changed files with 7 additions and 4 deletions.
diff --git a/Dockerfile.aws b/Dockerfile.aws
@@ -8,7 +8,7 @@ ARG GIT_VERSION=latest
 ARG IMAGE_URI=mbari/fastapi-yolov5-fargate-elb:${GIT_VERSION}
 
 # Install the required node modules, and force the latest version of aws-cdk
-RUN npm install -g aws-cdk
+RUN npm install -g aws-cdk@2.141.0
 
 RUN apt-get update && \
     apt-get install -y git && \
@@ -31,7 +31,7 @@ RUN apt-get update && \
 # Create a virtual environment and run install in that 
 RUN python3 -m venv /venv
 ENV PATH="/venv/bin:$PATH"
-RUN python3 -m pip install --upgrade pip 
+RUN python3 -m pip install --upgrade pip>=23.3.0
 RUN pip3 install aws-cdk-lib pyyaml
 
 WORKDIR /tmp

diff --git a/environment.yml b/environment.yml
@@ -3,6 +3,7 @@ channels:
   - conda-forge
 dependencies:
   - python>=3.10
+  - pip>=23.3
   - pip:
     - aws-cdk.cdk
     - aws-cdk-lib>2.0.0

diff --git a/src/Dockerfile b/src/Dockerfile
@@ -22,7 +22,7 @@ RUN apt update -y && apt install -y software-properties-common && \
 	&& apt-get install -y libncurses6 \
     && apt-get install -y curl \
     && curl -sS https://bootstrap.pypa.io/get-pip.py | python3.10 \
-    && python3.10 -m pip install --upgrade pip==23.2.1 \
+    && python3.10 -m pip install --upgrade pip==23.3.0 \
     && apt-get clean
 
 ENV WORKERS_PER_CORE=4

diff --git a/src/requirements.txt b/src/requirements.txt
@@ -3,4 +3,6 @@ uvicorn
 boto3
 python-multipart
 httpx
-pytest
+pytest
+gunicorn>=22.0.0
+flask>=2.2.5