Skip to content

Commit

Permalink
fix(image): handle vulnerabilities reported by artifacthub scanner (#…
Browse files Browse the repository at this point in the history 
…2436)

* fix(image): upgrade prometheus jmx exporter to v0.17.2

* fix(pycloudlib): upgrade indirect dependency oauthlib to v3.2.1

* build(image): remove leading whitespace on CN_BUILD_DATE value
  • Loading branch information
@iromli
iromli authored Sep 22, 2022
1 parent 3d50b32 commit 77d8d88
Show file tree
Hide file tree
Showing 6 changed files with 12 additions and 10 deletions.
4 changes: 2 additions & 2 deletions docker-jans-auth-server/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ RUN /opt/jython/bin/pip uninstall -y pip
# ===========

ENV CN_VERSION=1.0.3-SNAPSHOT
ENV CN_BUILD_DATE='2022-08-30 17:15'
ENV CN_BUILD_DATE='2022-09-21 19:12'
ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-auth-server/${CN_VERSION}/jans-auth-server-${CN_VERSION}.war

# Install Jans Auth
Expand Down Expand Up @@ -145,7 +145,7 @@ RUN python3 -m ensurepip \
# Prometheus
# ==========

ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.0
ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.2
COPY conf/prometheus-config.yaml /opt/prometheus/
RUN mkdir -p /opt/prometheus \
&& wget -q https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/${PROMETHEUS_JAVAAGENT_VERSION}/jmx_prometheus_javaagent-${PROMETHEUS_JAVAAGENT_VERSION}.jar -O /opt/prometheus/jmx_prometheus_javaagent.jar \
Expand Down
4 changes: 2 additions & 2 deletions docker-jans-client-api/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ RUN wget -q https://maven.jans.io/maven/io/jans/jython-installer//${JYTHON_VERSI
# ==========

ENV CN_VERSION=1.0.3-SNAPSHOT
ENV CN_BUILD_DATE='2022-08-30 16:31'
ENV CN_BUILD_DATE='2022-09-21 19:15'
ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-client-api-server/${CN_VERSION}/jans-client-api-server-${CN_VERSION}.war

COPY jetty/jetty-env.xml /tmp/WEB-INF/jetty-env.xml
Expand All @@ -73,7 +73,7 @@ RUN python3 -m ensurepip \
# Prometheus
# ==========

ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.0
ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.2
COPY conf/prometheus-config.yaml /opt/prometheus/
RUN mkdir -p /opt/prometheus \
&& wget -q https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/${PROMETHEUS_JAVAAGENT_VERSION}/jmx_prometheus_javaagent-${PROMETHEUS_JAVAAGENT_VERSION}.jar -O /opt/prometheus/jmx_prometheus_javaagent.jar \
Expand Down
4 changes: 2 additions & 2 deletions docker-jans-config-api/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ RUN wget -q https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/${JETTY_
# ==========

ENV CN_VERSION=1.0.3-SNAPSHOT
ENV CN_BUILD_DATE='2022-08-30 17:18'
ENV CN_BUILD_DATE='2022-09-21 19:16'
ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-config-api-server/${CN_VERSION}/jans-config-api-server-${CN_VERSION}.war

# Install Jans Config API
Expand Down Expand Up @@ -93,7 +93,7 @@ RUN python3 -m ensurepip \
# Prometheus
# ==========

ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.0
ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.2
COPY conf/prometheus-config.yaml /opt/prometheus/
RUN mkdir -p /opt/prometheus \
&& wget -q https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/${PROMETHEUS_JAVAAGENT_VERSION}/jmx_prometheus_javaagent-${PROMETHEUS_JAVAAGENT_VERSION}.jar -O /opt/prometheus/jmx_prometheus_javaagent.jar \
Expand Down
4 changes: 2 additions & 2 deletions docker-jans-fido2/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ EXPOSE 8080
# =====

ENV CN_VERSION=1.0.3-SNAPSHOT
ENV CN_BUILD_DATE='2022-08-30 16:28'
ENV CN_BUILD_DATE='2022-09-21 19:13'
ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-fido2-server/${CN_VERSION}/jans-fido2-server-${CN_VERSION}.war

# Install FIDO2
Expand Down Expand Up @@ -110,7 +110,7 @@ RUN python3 -m ensurepip \
# Prometheus
# ==========

ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.0
ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.2
COPY conf/prometheus-config.yaml /opt/prometheus/
RUN mkdir -p /opt/prometheus \
&& wget -q https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/${PROMETHEUS_JAVAAGENT_VERSION}/jmx_prometheus_javaagent-${PROMETHEUS_JAVAAGENT_VERSION}.jar -O /opt/prometheus/jmx_prometheus_javaagent.jar \
Expand Down
4 changes: 2 additions & 2 deletions docker-jans-scim/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ RUN wget -q https://maven.jans.io/maven/io/jans/jython-installer/${JYTHON_VERSIO
# ====

ENV CN_VERSION=1.0.3-SNAPSHOT
ENV CN_BUILD_DATE='2022-08-30 17:17'
ENV CN_BUILD_DATE='2022-09-21 21:47'
ENV CN_SOURCE_URL=https://jenkins.jans.io/maven/io/jans/jans-scim-server/${CN_VERSION}/jans-scim-server-${CN_VERSION}.war

# Install SCIM
Expand Down Expand Up @@ -109,7 +109,7 @@ RUN python3 -m ensurepip \
# Prometheus
# ==========

ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.0
ARG PROMETHEUS_JAVAAGENT_VERSION=0.17.2
COPY conf/prometheus-config.yaml /opt/prometheus/
RUN mkdir -p /opt/prometheus \
&& wget -q https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/${PROMETHEUS_JAVAAGENT_VERSION}/jmx_prometheus_javaagent-${PROMETHEUS_JAVAAGENT_VERSION}.jar -O /opt/prometheus/jmx_prometheus_javaagent.jar \
Expand Down
2 changes: 2 additions & 0 deletions jans-pycloudlib/setup.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,8 @@ def find_version(*file_paths):
"google-cloud-spanner>=3.3.0",
"Click>=6.7",
"ldif>=4.1.1",
# handle CVE-2022-36087
"oauthlib>=3.2.1",
],
classifiers=[
"Intended Audience :: Developers",
Expand Down

0 comments on commit 77d8d88

Please sign in to comment.