Use of symfony-containers, and publication to reg.cadoles #25

Merged
mlamalle merged 2 commits from tech into develop 2023-12-11 14:50:22 +01:00
Owner
| Q | A |
| ------------- | --- |
| Bug fix? | [ ] yes [x] no |
| New feature? | [x] yes [ ] no |
| Deprecations? | [ ] yes [x] no |
| Database schema change | [ ] yes [x] no |
| Configuration change | [x] yes [ ] no |
| Ticket(s) | #24 |

## Expected

The docker-compose environment starts correctly.
Run the commands and make sure everything works:

```
make docker-build
make docker-run
```

Use the image `reg.cadoles.com/cadoles/hydra-oidc:latest` in the mse docker-compose infrastructure.

Make sure everything works.
mlamalle added 2 commits 2023-12-11 14:44:34 +01:00
feat: keep up with technical debt
Some checks reported warnings
Cadoles/hydra-sql/pipeline/head This commit is unstable
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable
56373b7725
Owner

Symfony Security Check Report
=============================

2 packages have known vulnerabilities.

symfony/security-http (v5.4.23)
-------------------------------

 * [CVE-2023-46733][]: Possible session fixation

symfony/twig-bridge (v5.4.22)
-----------------------------

 * [CVE-2023-46734][]: Potential XSS vulnerabilities in CodeExtension filters

[CVE-2023-46733]: https://symfony.com/cve-2023-46733
[CVE-2023-46734]: https://symfony.com/cve-2023-46734

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.
Owner

# Test report

## PHP CS Fixer

### Overview

| State | Total |
|-------|-------|
| Passed | 1 |
| Skipped | 0 |
| Failed | 0 |
| Error | 0 |

**Total duration**: 0s

| Status | Name | Class |
|--------|------|-------|
| ✓ | `All OK` | |
Owner

## PHPStan report

```
 [OK] No errors
```
Owner

## Analysis report for the file `./misc/images/hydra-sql-standalone/Dockerfile` with [Hadolint](https://github.com/hadolint/hadolint)

```
Rien à signaler.
```
Owner

## Image analysis report with [Trivy](https://github.com/aquasecurity/trivy)

### Target `reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)`

#### Vulnerabilities (6)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `curl` | CVE-2023-46218 | MEDIUM | 8.4.0-r0 | 8.5.0-r0 |
| `curl` | CVE-2023-46219 | LOW | 8.4.0-r0 | 8.5.0-r0 |
| `libcrypto3` | CVE-2023-5678 | MEDIUM | 3.0.12-r0 | 3.0.12-r1 |
| `libcurl` | CVE-2023-46218 | MEDIUM | 8.4.0-r0 | 8.5.0-r0 |
| `libcurl` | CVE-2023-46219 | LOW | 8.4.0-r0 | 8.5.0-r0 |
| `libssl3` | CVE-2023-5678 | MEDIUM | 3.0.12-r0 | 3.0.12-r1 |

#### No Misconfigurations found

### Target `Node.js`

#### Vulnerabilities (9)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `@babel/traverse` | CVE-2023-45133 | CRITICAL | 7.20.5 | 7.23.2, 8.0.0-alpha.4 |
| `json5` | CVE-2022-46175 | HIGH | 2.2.1 | 2.2.2, 1.0.2 |
| `postcss` | CVE-2023-44270 | MEDIUM | 8.4.20 | 8.4.31 |
| `semver` | CVE-2022-25883 | MEDIUM | 6.3.0 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `webpack` | CVE-2023-28154 | CRITICAL | 5.75.0 | 5.76.0 |

#### No Misconfigurations found

### Target `app/composer.lock`

#### Vulnerabilities (2)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `symfony/security-http` | CVE-2023-46733 | MEDIUM | v5.4.23 | 6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0 |
| `symfony/twig-bridge` | CVE-2023-46734 | MEDIUM | v5.4.22 | 2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8 |

#### No Misconfigurations found

### Target `usr/local/bin/gomplate`

#### No Vulnerabilities found

#### No Misconfigurations found

Owner

## Analysis report for the file `./misc/images/hydra-sql-base/Dockerfile` with [Hadolint](https://github.com/hadolint/hadolint)

```
Rien à signaler.
```
Owner

## Image analysis report with [Trivy](https://github.com/aquasecurity/trivy)

### Target `reg.cadoles.com/cadoles/hydra-sql-base:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)`

#### Vulnerabilities (6)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `curl` | CVE-2023-46218 | MEDIUM | 8.4.0-r0 | 8.5.0-r0 |
| `curl` | CVE-2023-46219 | LOW | 8.4.0-r0 | 8.5.0-r0 |
| `libcrypto3` | CVE-2023-5678 | MEDIUM | 3.0.12-r0 | 3.0.12-r1 |
| `libcurl` | CVE-2023-46218 | MEDIUM | 8.4.0-r0 | 8.5.0-r0 |
| `libcurl` | CVE-2023-46219 | LOW | 8.4.0-r0 | 8.5.0-r0 |
| `libssl3` | CVE-2023-5678 | MEDIUM | 3.0.12-r0 | 3.0.12-r1 |

#### No Misconfigurations found

### Target `Node.js`

#### Vulnerabilities (9)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `@babel/traverse` | CVE-2023-45133 | CRITICAL | 7.20.5 | 7.23.2, 8.0.0-alpha.4 |
| `json5` | CVE-2022-46175 | HIGH | 2.2.1 | 2.2.2, 1.0.2 |
| `postcss` | CVE-2023-44270 | MEDIUM | 8.4.20 | 8.4.31 |
| `semver` | CVE-2022-25883 | MEDIUM | 6.3.0 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `semver` | CVE-2022-25883 | MEDIUM | 7.3.8 | 7.5.2, 6.3.1, 5.7.2 |
| `webpack` | CVE-2023-28154 | CRITICAL | 5.75.0 | 5.76.0 |

#### No Misconfigurations found

### Target `app/composer.lock`

#### Vulnerabilities (2)

| Package | ID | Severity | Installed Version | Fixed Version |
|---------|----|----------|-------------------|---------------|
| `symfony/security-http` | CVE-2023-46733 | MEDIUM | v5.4.23 | 6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0 |
| `symfony/twig-bridge` | CVE-2023-46734 | MEDIUM | v5.4.22 | 2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8 |

#### No Misconfigurations found

### Target `usr/local/bin/gomplate`

#### No Vulnerabilities found

#### No Misconfigurations found

mlamalle merged commit cc03fd808c into develop 2023-12-11 14:50:22 +01:00
mlamalle deleted branch tech 2023-12-11 14:50:25 +01:00
Reference: Cadoles/hydra-sql#25