Cadoles
/
hydra-sql
19
0
Fork 0
Code Issues 5 Pull Requests 1 Projects Releases Wiki Activity

Utilisation des symfony-containers, et publication sur reg.cadoles #25

Merged
mlamalle merged 2 commits from tech into develop 2023-12-11 14:50:22 +01:00
Conversation 7 Commits 2 Files Changed 38 +128 -4924
mlamalle commented 2023-12-11 14:44:29 +01:00
Owner
Copy Link
Q             A
Bug fixe?     [ ] oui [x] non
Nouvelle fonctionnalié?  [x] oui [ ] non
Dépréciations? [ ] oui [x] non
Modification schéma BDD [ ] oui [x] non
Modification configuration [x] oui [ ] non
Ticket(s)     #24

Attendu

L'environnement docker-compose démarre bien.
lancer les commandes et s'assurer que tout est fonctionnel :

make docker-build
make docker-run

Utiliser l'image reg.cadoles.com/cadoles/hydra-oidc:latest dans l'infra docker-compose de mse.

S'assurer que tout est fonctionnel

| Q             | A | ------------- | --- | Bug fixe?     | [ ] oui [x] non | Nouvelle fonctionnalié? |  [x] oui [ ] non | Dépréciations? | [ ] oui [x] non | Modification schéma BDD | [ ] oui [x] non | Modification configuration | [x] oui [ ] non | Ticket(s)     | #24 ## Attendu L'environnement docker-compose démarre bien. lancer les commandes et s'assurer que tout est fonctionnel : ``` make docker-build make docker-run ``` Utiliser l'image `reg.cadoles.com/cadoles/hydra-oidc:latest` dans l'infra docker-compose de mse. S'assurer que tout est fonctionnel
mlamalle added 2 commits 2023-12-11 14:44:34 +01:00
Cadoles/hydra-sql/pipeline/head This commit is unstable Details
Cadoles/hydra-sql/pipeline/pr-develop This commit is unstable Details
56373b7725 feat: keep up with technical debt
jenkins commented 2023-12-11 14:45:50 +01:00
Owner
Copy Link

Symfony Security Check Report

2 packages have known vulnerabilities.

symfony/security-http (v5.4.23)

symfony/twig-bridge (v5.4.22)

  • CVE-2023-46734: Potential XSS vulnerabilities in CodeExtension filters

Note that this checker can only detect vulnerabilities that are referenced in the security advisories database.
Execute this command regularly to check the newly discovered vulnerabilities.

Symfony Security Check Report ============================= 2 packages have known vulnerabilities. symfony/security-http (v5.4.23) ------------------------------- * [CVE-2023-46733][]: Possible session fixation symfony/twig-bridge (v5.4.22) ----------------------------- * [CVE-2023-46734][]: Potential XSS vulnerabilities in CodeExtension filters [CVE-2023-46733]: https://symfony.com/cve-2023-46733 [CVE-2023-46734]: https://symfony.com/cve-2023-46734 Note that this checker can only detect vulnerabilities that are referenced in the security advisories database. Execute this command regularly to check the newly discovered vulnerabilities.
jenkins commented 2023-12-11 14:45:51 +01:00
Owner
Copy Link

Test report

PHP CS Fixer

Overview

State Total
Passed 1
Skipped 0
Failed 0
Error 0

Total duration: 0s

See details
Status Name Class
All OK

# Test report ## PHP CS Fixer ### Overview | State | Total | |-------|-------| | Passed | 1 | | Skipped | 0 | | Failed | 0 | | Error | 0 | **Total duration**: 0s <details> <summary>See details</summary> | Status | Name | Class | |--------|------|-------| | &#10003; | `All OK` || </details> <br />
jenkins commented 2023-12-11 14:45:52 +01:00
Owner
Copy Link

Rapport PHPStan


 [OK] No errors
## Rapport PHPStan ``` [OK] No errors ```
jenkins commented 2023-12-11 14:46:08 +01:00
Owner
Copy Link

Rapport d'analyse du fichier ./misc/images/hydra-sql-standalone/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-standalone/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
jenkins commented 2023-12-11 14:47:45 +01:00
Owner
Copy Link

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target Node.js

Vulnerabilities (9)

Package ID Severity Installed Version Fixed Version
@babel/traverse CVE-2023-45133 CRITICAL 7.20.5 7.23.2, 8.0.0-alpha.4
json5 CVE-2022-46175 HIGH 2.2.1 2.2.2, 1.0.2
postcss CVE-2023-44270 MEDIUM 8.4.20 8.4.31
semver CVE-2022-25883 MEDIUM 6.3.0 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
webpack CVE-2023-28154 CRITICAL 5.75.0 5.76.0

No Misconfigurations found

Target app/composer.lock

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
symfony/security-http CVE-2023-46733 MEDIUM v5.4.23 6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0
symfony/twig-bridge CVE-2023-46734 MEDIUM v5.4.22 2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-standalone:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (9)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>@babel/traverse</code></td> <td>CVE-2023-45133</td> <td>CRITICAL</td> <td>7.20.5</td> <td>7.23.2, 8.0.0-alpha.4</td> </tr> <tr> <td><code>json5</code></td> <td>CVE-2022-46175</td> <td>HIGH</td> <td>2.2.1</td> <td>2.2.2, 1.0.2</td> </tr> <tr> <td><code>postcss</code></td> <td>CVE-2023-44270</td> <td>MEDIUM</td> <td>8.4.20</td> <td>8.4.31</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>6.3.0</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>webpack</code></td> <td>CVE-2023-28154</td> <td>CRITICAL</td> <td>5.75.0</td> <td>5.76.0</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>app/composer.lock</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>symfony/security-http</code></td> <td>CVE-2023-46733</td> <td>MEDIUM</td> <td>v5.4.23</td> <td>6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0</td> </tr> <tr> <td><code>symfony/twig-bridge</code></td> <td>CVE-2023-46734</td> <td>MEDIUM</td> <td>v5.4.22</td> <td>2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
jenkins commented 2023-12-11 14:47:57 +01:00
Owner
Copy Link

Rapport d'analyse du fichier ./misc/images/hydra-sql-base/Dockerfile avec Hadolint

Rien à signaler.
## Rapport d'analyse du fichier `./misc/images/hydra-sql-base/Dockerfile` avec [Hadolint](https://github.com/hadolint/hadolint) ``` Rien à signaler. ```
jenkins commented 2023-12-11 14:49:31 +01:00
Owner
Copy Link

Rapport d'analyse de l'image avec Trivy

Target reg.cadoles.com/cadoles/hydra-sql-base:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)

Vulnerabilities (6)

Package ID Severity Installed Version Fixed Version
curl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
curl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libcrypto3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1
libcurl CVE-2023-46218 MEDIUM 8.4.0-r0 8.5.0-r0
libcurl CVE-2023-46219 LOW 8.4.0-r0 8.5.0-r0
libssl3 CVE-2023-5678 MEDIUM 3.0.12-r0 3.0.12-r1

No Misconfigurations found

Target Node.js

Vulnerabilities (9)

Package ID Severity Installed Version Fixed Version
@babel/traverse CVE-2023-45133 CRITICAL 7.20.5 7.23.2, 8.0.0-alpha.4
json5 CVE-2022-46175 HIGH 2.2.1 2.2.2, 1.0.2
postcss CVE-2023-44270 MEDIUM 8.4.20 8.4.31
semver CVE-2022-25883 MEDIUM 6.3.0 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
semver CVE-2022-25883 MEDIUM 7.3.8 7.5.2, 6.3.1, 5.7.2
webpack CVE-2023-28154 CRITICAL 5.75.0 5.76.0

No Misconfigurations found

Target app/composer.lock

Vulnerabilities (2)

Package ID Severity Installed Version Fixed Version
symfony/security-http CVE-2023-46733 MEDIUM v5.4.23 6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0
symfony/twig-bridge CVE-2023-46734 MEDIUM v5.4.22 2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8

No Misconfigurations found

Target usr/local/bin/gomplate

No Vulnerabilities found

No Misconfigurations found

## Rapport d'analyse de l'image avec [Trivy](https://github.com/aquasecurity/trivy) <h3>Target <code>reg.cadoles.com/cadoles/hydra-sql-base:2023.12.11-pr25.1441.56373b7 (alpine 3.17.1)</code></h3> <h4>Vulnerabilities (6)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>curl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcrypto3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46218</td> <td>MEDIUM</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libcurl</code></td> <td>CVE-2023-46219</td> <td>LOW</td> <td>8.4.0-r0</td> <td>8.5.0-r0</td> </tr> <tr> <td><code>libssl3</code></td> <td>CVE-2023-5678</td> <td>MEDIUM</td> <td>3.0.12-r0</td> <td>3.0.12-r1</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>Node.js</code></h3> <h4>Vulnerabilities (9)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>@babel/traverse</code></td> <td>CVE-2023-45133</td> <td>CRITICAL</td> <td>7.20.5</td> <td>7.23.2, 8.0.0-alpha.4</td> </tr> <tr> <td><code>json5</code></td> <td>CVE-2022-46175</td> <td>HIGH</td> <td>2.2.1</td> <td>2.2.2, 1.0.2</td> </tr> <tr> <td><code>postcss</code></td> <td>CVE-2023-44270</td> <td>MEDIUM</td> <td>8.4.20</td> <td>8.4.31</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>6.3.0</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>semver</code></td> <td>CVE-2022-25883</td> <td>MEDIUM</td> <td>7.3.8</td> <td>7.5.2, 6.3.1, 5.7.2</td> </tr> <tr> <td><code>webpack</code></td> <td>CVE-2023-28154</td> <td>CRITICAL</td> <td>5.75.0</td> <td>5.76.0</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>app/composer.lock</code></h3> <h4>Vulnerabilities (2)</h4> <table> <tr> <th>Package</th> <th>ID</th> <th>Severity</th> <th>Installed Version</th> <th>Fixed Version</th> </tr> <tr> <td><code>symfony/security-http</code></td> <td>CVE-2023-46733</td> <td>MEDIUM</td> <td>v5.4.23</td> <td>6.3.8, 5.4.31, 6.1.0, 6.2.0, 6.3.0</td> </tr> <tr> <td><code>symfony/twig-bridge</code></td> <td>CVE-2023-46734</td> <td>MEDIUM</td> <td>v5.4.22</td> <td>2.5.0, 4.1.0, 5.4.0, 2.8.0, 5.1.0, 6.1.0, 2.2.0, 3.3.0, 5.2.0, 2.4.0, 3.4.0, 4.4.51, 4.0.0, 6.2.0, 2.6.0, 2.7.0, 3.0.0, 4.4.0, 5.3.0, 2.1.0, 2.3.0, 3.1.0, 3.2.0, 4.2.0, 5.4.31, 6.3.0, 4.3.0, 6.3.8</td> </tr> </table> <h4>No Misconfigurations found</h4> <h3>Target <code>usr/local/bin/gomplate</code></h3> <h4>No Vulnerabilities found</h4> <h4>No Misconfigurations found</h4>
mlamalle merged commit cc03fd808c into develop 2023-12-11 14:50:22 +01:00
mlamalle deleted branch tech 2023-12-11 14:50:25 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Cadoles/hydra-sql#25
No description provided.
Delete Branch "tech"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?