Fixing vulnerabilities for source-salesforce - Premium support (airby…
…tehq#28021) * Attempt #2 for source-salesforce vulnerabilities fixes CVE-2022-40897 https://security-tracker.debian.org/tracker/CVE-2023-29383 https://security-tracker.debian.org/tracker/CVE-2023-31484 https://security-tracker.debian.org/tracker/CVE-2016-2781 * Changes requested during PR.
1 parent
1d42821
commit f2b48d0
Showing
3 changed files
with
101 additions
and
79 deletions.
31 changes: 26 additions & 5 deletions
31
airbyte-integrations/connectors/source-salesforce/Dockerfile
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,17 +1,38 @@ | ||
FROM python:3.9-slim | ||
# Using alpine to remove several vulnerabilities frm slim image | ||
# https://security-tracker.debian.org/tracker/CVE-2023-29383 | ||
# https://security-tracker.debian.org/tracker/CVE-2023-31484 | ||
# https://security-tracker.debian.org/tracker/CVE-2016-2781 | ||
FROM python:3.9-alpine3.18 | ||
|
||
|
||
RUN apk add --update --no-cache \ | ||
build-base \ | ||
openssl-dev \ | ||
libffi-dev \ | ||
zlib-dev \ | ||
bzip2-dev | ||
|
||
# Bash is installed for more convenient debugging. | ||
RUN apt-get update && apt-get install -y bash && rm -rf /var/lib/apt/lists/* | ||
|
||
ENV AIRBYTE_ENTRYPOINT "python /airbyte/integration_code/main.py" | ||
|
||
WORKDIR /airbyte/integration_code | ||
COPY source_salesforce ./source_salesforce | ||
COPY setup.py ./ | ||
COPY main.py ./ | ||
RUN pip install . | ||
|
||
# Fixing https://nvd.nist.gov/vuln/detail/CVE-2022-40897 | ||
# calling this twice as one upgrades the system pip /usr/local/bin/pip the | ||
# seconf time upgrades the under for the venv /opt/.venv/bin/pip | ||
RUN pip install --upgrade pip setuptools wheel && \ | ||
pip install . | ||
RUN pip install --upgrade pip setuptools | ||
|
||
# add default timezone settings | ||
ENV TZ UTC | ||
RUN cp /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone | ||
|
||
|
||
ENTRYPOINT ["python", "/airbyte/integration_code/main.py"] | ||
|
||
LABEL io.airbyte.version=2.1.0 | ||
LABEL io.airbyte.version=2.1.1 | ||
LABEL io.airbyte.name=airbyte/source-salesforce |
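Review bot: The CVE-2022-40897 remediation in `RUN pip install --upgrade pip setuptools wheel` neither states nor enforces the fixed setuptools release, so whether the image is patched depends on what the package index serves at build time. Writing the floor explicitly, `pip install --upgrade pip "setuptools>=65.5.1" wheel`, records the fix in the file and makes a later scanner finding traceable to a line. Assuming the following `RUN pip install --upgrade pip setuptools` is also on the new side, it looks redundant: its comment says it targets `/opt/.venv/bin/pip`, but nothing visible in this Dockerfile creates a virtual environment or changes PATH, so both steps would resolve to the same `pip`. Separately, `build-base` and the `-dev` packages from the `apk add` step remain in the runtime image. A builder stage, or an `apk add --virtual .build-deps …` / `apk del .build-deps` pair in the same `RUN` as `pip install .`, would keep the compiler toolchain out of the shipped image.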