Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: replace asdf installation method for aws cli with apk #26

Merged
merged 11 commits into from
Jul 4, 2023
Merged

fix: replace asdf installation method for aws cli with apk #26

merged 11 commits into from
Jul 4, 2023

Conversation

Santhin
Copy link
Contributor

@Santhin Santhin commented Jul 4, 2023
edited
Loading

changes:

  • replaced asdf with apk for aws cli

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Checkov

check_id file resource check_name guideline
0 CKV_DOCKER_2 /app/Dockerfile /app/Dockerfile. Ensure that HEALTHCHECK instructions have been added to container images https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Trivy

PkgName InstalledVersion Severity Title CVE URL
openssh 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-default 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-keygen 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-sftp-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531

@Santhin Santhin changed the title chore: repair aws cli fix: replace asdf installation method for aws cli with pip Jul 4, 2023
@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Checkov

check_id file resource check_name guideline
0 CKV_DOCKER_2 /app/Dockerfile /app/Dockerfile. Ensure that HEALTHCHECK instructions have been added to container images https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Trivy

PkgName InstalledVersion Severity Title CVE URL
openssh 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-default 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-keygen 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-sftp-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Checkov

check_id file resource check_name guideline
0 CKV_DOCKER_2 /app/Dockerfile /app/Dockerfile. Ensure that HEALTHCHECK instructions have been added to container images https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Trivy

PkgName InstalledVersion Severity Title CVE URL
openssh 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-default 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-keygen 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-sftp-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531

dgniewek
dgniewek reviewed Jul 4, 2023
View reviewed changes
Copy link
Contributor

@dgniewek dgniewek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please Bump version of all tools and pin them to the newest (lines 7-22)

app/Dockerfile Outdated Show resolved Hide resolved
@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Checkov

check_id file resource check_name guideline
0 CKV_DOCKER_2 /app/Dockerfile /app/Dockerfile. Ensure that HEALTHCHECK instructions have been added to container images https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Trivy

PkgName InstalledVersion Severity Title CVE URL
openssh 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-default 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-keygen 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-sftp-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531

@Santhin Santhin changed the title fix: replace asdf installation method for aws cli with pip fix: replace asdf installation method for aws cli with apk Jul 4, 2023
@Santhin Santhin requested a review from dgniewek July 4, 2023 08:45
@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Checkov

check_id file resource check_name guideline
0 CKV_DOCKER_2 /app/Dockerfile /app/Dockerfile. Ensure that HEALTHCHECK instructions have been added to container images https://docs.bridgecrew.io/docs/ensure-that-healthcheck-instructions-have-been-added-to-container-images

@github-actions
Copy link

github-actions bot commented Jul 4, 2023

Trivy

PkgName InstalledVersion Severity Title CVE URL
openssh 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-client-default 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-keygen 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-server-common 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531
openssh-sftp-server 9.1_p1-r2 CRITICAL openssh: smartcard keys to ssh-agent without the intended per-hop destination constraints. https://avd.aquasec.com/nvd/cve-2023-28531

@Santhin Santhin merged commit 95e9708 into main Jul 4, 2023
@Santhin Santhin deleted the fix/repair-aws-cli branch July 4, 2023 09:17
@github-actions
Copy link

github-actions bot commented Jul 4, 2023

The new version v2.7.1 has been released 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dgniewek dgniewek dgniewek approved these changes

Assignees
No one assigned
Labels
release/patch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Santhin @dgniewek