Skip to content
This repository was archived by the owner on Dec 5, 2024. It is now read-only.

bumbing up versions to remove vulnerabilites #47

Merged
csimplestring merged 5 commits into from
Aug 3, 2021
Merged

bumbing up versions to remove vulnerabilites #47

csimplestring merged 5 commits into from
Aug 3, 2021

Conversation

@bjornm82
Copy link

@bjornm82 bjornm82 commented Jun 7, 2021

Bumping up versions to remove vulnerabilities

Currently on master:
Tested 171 dependencies for known issues, found 3 issues, 13 vulnerable paths.

This branch:
✓ Tested 221 dependencies for known issues, no vulnerable paths found.

TODO: Chart templates has some medium issues, won't be solved with this PR

spaghettifunk and others added 3 commits November 2, 2020 17:28
@spaghettifunk @nielstenboom
Development (#45)
18efad5 
* Update README.md

* Redis credentials (#44)

* Update issue templates

* OSS (#42)

* removing sensitive information for opensourcing the project

* add chart for deploying phoenix

* remove hardcoded port

* Update README.md

* Create docker-publish.yml

* Update README.md

* Update README.md

* Create LICENSE

* Update README.md

* Guidelines (#43)

* Create CODE_OF_CONDUCT.md

* Create CONTRIBUTING.md

* Update README.md

* Update README.md

* Create USERS.md

* Update README.md

* Update README.md

* bump redis client version, add DB_PASSWORD for redis password, fix worker queue

* typo in error checking

* add new ENV to chart

Co-authored-by: Niels ten Boom <nielstenboom@gmail.com>

* remove default password from tests and cli

Co-authored-by: Niels ten Boom <nielstenboom@gmail.com>
@nielstenboom
Bugfix chart (#46)
69a4107 
* add missing nodeselectors + fixed wrong refs

* proper line endings
@bjornm82
bumbing up versions to remove vulnerabilites
cdb4458
bnguyennhon
bnguyennhon reviewed Jun 7, 2021
View reviewed changes
@bjornm82 bjornm82 changed the base branch from master to development June 7, 2021 10:43
bnguyennhon
bnguyennhon reviewed Jun 7, 2021
View reviewed changes
Dockerfile
FROM alpine:3.9
FROM alpine:3.13
COPY --from=builder /app /app

Copy link

@bnguyennhon bnguyennhon Jun 7, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could it be possible to also create & use a non-root user for the runtime image ?

Copy link
Author

@bjornm82 bjornm82 Jun 7, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was under the assumption we were not running with Alpine, seems weird we don't actually run a scratch image. You know the reason @nielstenboom ?

Copy link
Contributor

@nielstenboom nielstenboom Jun 7, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No clue, all Davide's work from a long while ago

Copy link
Author

@bjornm82 bjornm82 Jun 10, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it make sense to move to a scratch image in stead of alpine? I think it's overkill to use an OS for Go.

Copy link

@csimplestring csimplestring Jun 10, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

make sense to me. A Scratch image is more secured at least (you have no extra deps)

Copy link

@bnguyennhon bnguyennhon Jun 10, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

sounds good 👍

nielstenboom
nielstenboom approved these changes Jun 7, 2021
View reviewed changes
Copy link
Contributor

@nielstenboom nielstenboom left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍 , let's see if the full integration tests run after it's merged: https://ci.freemium.diw.rtlwecloudservices.nl/teams/main/pipelines/phoenix-dev/jobs/test-build-and-push-image/builds/2

@csimplestring csimplestring merged commit bed276d into development Aug 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

4 more reviewers

@csimplestring csimplestring csimplestring approved these changes

@nielstenboom nielstenboom nielstenboom approved these changes

@bnguyennhon bnguyennhon bnguyennhon left review comments

@volhakurylionak volhakurylionak volhakurylionak approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@bjornm82 @csimplestring @nielstenboom @volhakurylionak @bnguyennhon @spaghettifunk