From 683ce1918066410497ff1b4f6353495ca4af1155 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 10:26:11 -0600 Subject: [PATCH 01/11] APIPUB-80 Fixing vulnerabilities found with Docker Scout Update nuget packages Update .NET SDK alpine version --- .../EdFi.Tools.ApiPublisher.Cli.csproj | 18 +++++++++--------- ....ApiPublisher.ConfigurationStore.Aws.csproj | 4 ++-- ...lisher.ConfigurationStore.PostgreSql.csproj | 2 +- ...blisher.ConfigurationStore.SqlServer.csproj | 8 ++++---- ...i.Tools.ApiPublisher.Connections.Api.csproj | 10 +++++----- .../Modules/EdFiApiAsSourceModule.cs | 2 +- .../Modules/EdFiApiAsTargetModule.cs | 2 +- ...dFiApiSourceCurrentChangeVersionProvider.cs | 9 ++++----- .../PostResourceProcessingBlocksFactory.cs | 11 ++++------- ...ools.ApiPublisher.Connections.Sqlite.csproj | 4 ++-- .../EdFi.Tools.ApiPublisher.Core.csproj | 18 +++++++++--------- .../EdFi.Tools.ApiPublisher.Tests.csproj | 14 +++++++------- src/dev.Dockerfile | 4 ++-- 13 files changed, 51 insertions(+), 55 deletions(-) diff --git a/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj b/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj index c75e377..0b555bc 100644 --- a/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj +++ b/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj @@ -7,20 +7,20 @@ NU5100, NU5124 - - - + + + - - + + - + - - + + - + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj index 5e84a0a..cf5931e 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj @@ -4,9 +4,9 @@ 10 - + - + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj index d771e33..bbe3932 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj @@ -4,7 +4,7 @@ 10 - + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj index c0d1faa..f6364c4 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj @@ -4,11 +4,11 @@ 10 - - + + - - + + diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj b/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj index 8308cd0..25fa5ea 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj @@ -5,14 +5,14 @@ true - - - + + + runtime; build; native; contentfiles; analyzers; buildtransitive all - - + + runtime; build; native; contentfiles; analyzers; buildtransitive all diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs index 1c554fb..0668cb3 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsSourceModule.cs @@ -124,7 +124,7 @@ protected override void Load(ContainerBuilder builder) // API dependency metadata from Ed-Fi ODS API (using Source API) if (options.UseSourceDependencyMetadata) { - builder.RegisterType() + _ = builder.RegisterType() .As() .WithParameter( // Configure to use with Target API diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs index f48f960..d88e763 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/Modules/EdFiApiAsTargetModule.cs @@ -60,7 +60,7 @@ protected override void Load(ContainerBuilder builder) // API dependency metadata from Ed-Fi ODS API (using Target API) if (!options.UseSourceDependencyMetadata) { - builder.RegisterType() + _ = builder.RegisterType() .As() .WithParameter( // Configure to use with Target API diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs index 53480d1..4ed0ff4 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Source/Versioning/EdFiApiSourceCurrentChangeVersionProvider.cs @@ -46,13 +46,12 @@ public EdFiApiSourceCurrentChangeVersionProvider(ISourceEdFiApiClientProvider so try { - long maxChangeVersion = - + long maxChangeVersion + = // Versions of Ed-Fi API through at least v3.4 (JObject.Parse(versionResponseText)["NewestChangeVersion"] - - // Enhancements/fixes applied introduced as part of API Publisher work - ?? JObject.Parse(versionResponseText)["newestChangeVersion"]).Value(); + // Enhancements/fixes applied introduced as part of API Publisher work + ?? JObject.Parse(versionResponseText)["newestChangeVersion"]).Value(); return maxChangeVersion; } diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs b/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs index 0561734..ee7b06e 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/Processing/Target/Blocks/PostResourceProcessingBlocksFactory.cs @@ -333,7 +333,6 @@ await HandlePostItemMessage( // Gracefully handle authorization errors by using the retry action delegate // (if present) to post the message to the retry "resource" queue if (apiResponse.StatusCode == HttpStatusCode.Forbidden - // Determine if current resource has an authorization retry queue && postItemMessage.PostAuthorizationFailureRetry != null) { @@ -446,10 +445,9 @@ string GetResponseMessageText(HttpResponseMessage response) bool IsBadRequestForUnresolvedReferenceOfPrimaryRelationship(HttpResponseMessage postItemResponse, PostItemMessage msg) { // If response is a Bad Request, check for need to explicitly fetch dependencies - if (postItemResponse.StatusCode == HttpStatusCode.BadRequest && - + if (postItemResponse.StatusCode == HttpStatusCode.BadRequest // If resource is a "primary relationship" configured in authorization failure handling - missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath)) + && missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath)) { string responseMessageText = GetResponseMessageText(postItemResponse); @@ -487,10 +485,9 @@ async Task GetResponseMessageTextAsync(HttpResponseMessage response) { // If response is a Bad Request (which is the API's error response for missing Staff/Student/Parent), check for need to explicitly fetch dependencies // NOTE: If support is expanded for other missing dependencies, the response code from the API (currently) will be a 409 Conflict status. - if (postItemResponse.StatusCode == HttpStatusCode.BadRequest && - + if (postItemResponse.StatusCode == HttpStatusCode.BadRequest // If resource is a "primary relationship" configured in authorization failure handling - missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath)) + && missingDependencyByResourcePath.TryGetValue(msg.ResourceUrl, out string missingDependencyResourcePath)) { string responseMessageText = await GetResponseMessageTextAsync(postItemResponse); diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj b/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj index 914f81c..cd54bf3 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj +++ b/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj @@ -4,8 +4,8 @@ enable - - + + diff --git a/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj b/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj index 594ef5e..0d6d05b 100644 --- a/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj +++ b/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj @@ -4,22 +4,22 @@ 10 - - + + - + - + - + - - + + - + - + \ No newline at end of file diff --git a/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj b/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj index d545298..ee2e03c 100644 --- a/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj +++ b/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj @@ -4,19 +4,19 @@ 10 - + - + - - - + + + - - + + diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index 752e9ca..45ca400 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -5,7 +5,7 @@ # tag sdk:8.0 alpine -FROM mcr.microsoft.com/dotnet/sdk@sha256:91cb46b0ee207d0df53e2e38f2e4013fe2668ab52dcca13c971afbbef94c83ef AS build +FROM mcr.microsoft.com/dotnet/sdk:8.0.203-alpine3.19@sha256:b1275049a8fe922cbc9f1d173ffec044664f30b94e99e2c85dd9b7454fbf596c AS build WORKDIR /source COPY ./.editorconfig .editorconfig @@ -60,4 +60,4 @@ RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 icu=~74 curl=~8 & rm -f /app/*.pdb && \ rm -f /app/*.exe -ENTRYPOINT [ "/app/run.sh" ] \ No newline at end of file +ENTRYPOINT [ "/app/run.sh" ] From 1f5bd478cb11a22b0513d76233c863d3540545b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 10:36:39 -0600 Subject: [PATCH 02/11] Update packages --- src/Dockerfile | 4 ++-- .../EdFi.Tools.ApiPublisher.Cli.csproj | 1 + .../EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj | 1 + ...dFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj | 3 +++ ...Fi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj | 1 + ...dFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj | 1 + .../EdFi.Tools.ApiPublisher.Connections.Api.csproj | 1 + .../EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj | 1 + .../EdFi.Tools.ApiPublisher.Core.csproj | 1 + .../EdFi.Tools.ApiPublisher.Tests.csproj | 1 + 10 files changed, 13 insertions(+), 2 deletions(-) diff --git a/src/Dockerfile b/src/Dockerfile index 141bee2..98169e6 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -3,8 +3,8 @@ # The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0. # See the LICENSE and NOTICES files in the project root for more information. -# Tag aspnet:8.0-alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d +# Tag aspnet:8.0-alpine3.19-amd64 +FROM mcr.microsoft.com/dotnet/aspnet@sha256:edc046db633d2eac3acfa494c10c6b7b3b9ff9f66f1ed92cec8021f5ee38d755 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " ARG VERSION="1.2.1" diff --git a/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj b/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj index 0b555bc..12c735b 100644 --- a/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj +++ b/src/EdFi.Tools.ApiPublisher.Cli/EdFi.Tools.ApiPublisher.Cli.csproj @@ -20,6 +20,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj index cf5931e..f8e83b7 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws/EdFi.Tools.ApiPublisher.ConfigurationStore.Aws.csproj @@ -8,6 +8,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj index 6304b42..b333299 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext/EdFi.Tools.ApiPublisher.ConfigurationStore.Plaintext.csproj @@ -3,6 +3,9 @@ net8.0 enable + + + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj index bbe3932..6ea15f6 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql/EdFi.Tools.ApiPublisher.ConfigurationStore.PostgreSql.csproj @@ -7,6 +7,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj index f6364c4..e5c5260 100644 --- a/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj +++ b/src/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer/EdFi.Tools.ApiPublisher.ConfigurationStore.SqlServer.csproj @@ -9,6 +9,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj b/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj index 25fa5ea..3509455 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj +++ b/src/EdFi.Tools.ApiPublisher.Connections.Api/EdFi.Tools.ApiPublisher.Connections.Api.csproj @@ -17,6 +17,7 @@ runtime; build; native; contentfiles; analyzers; buildtransitive all + diff --git a/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj b/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj index cd54bf3..0c57438 100644 --- a/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj +++ b/src/EdFi.Tools.ApiPublisher.Connections.Sqlite/EdFi.Tools.ApiPublisher.Connections.Sqlite.csproj @@ -6,6 +6,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj b/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj index 0d6d05b..1f45a3f 100644 --- a/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj +++ b/src/EdFi.Tools.ApiPublisher.Core/EdFi.Tools.ApiPublisher.Core.csproj @@ -19,6 +19,7 @@ + diff --git a/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj b/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj index ee2e03c..24bf2a4 100644 --- a/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj +++ b/src/EdFi.Tools.ApiPublisher.Tests/EdFi.Tools.ApiPublisher.Tests.csproj @@ -17,6 +17,7 @@ + From 3f84b542a8aa5a5c7040dc29da7b18b25faa24ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 11:05:07 -0600 Subject: [PATCH 03/11] Test docker --- src/Dockerfile | 2 +- src/dev.Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Dockerfile b/src/Dockerfile index 98169e6..bf22e7c 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -4,7 +4,7 @@ # See the LICENSE and NOTICES files in the project root for more information. # Tag aspnet:8.0-alpine3.19-amd64 -FROM mcr.microsoft.com/dotnet/aspnet@sha256:edc046db633d2eac3acfa494c10c6b7b3b9ff9f66f1ed92cec8021f5ee38d755 +FROM mcr.microsoft.com/dotnet/aspnet@sha256:df89fa1f564c4cffe3fea9a2082c50f141f0c709560fdcfc483a2d9b9c8399b4 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " ARG VERSION="1.2.1" diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index 45ca400..dd6717c 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -5,7 +5,7 @@ # tag sdk:8.0 alpine -FROM mcr.microsoft.com/dotnet/sdk:8.0.203-alpine3.19@sha256:b1275049a8fe922cbc9f1d173ffec044664f30b94e99e2c85dd9b7454fbf596c AS build +FROM mcr.microsoft.com/dotnet/sdk@sha256:df89fa1f564c4cffe3fea9a2082c50f141f0c709560fdcfc483a2d9b9c8399b4 AS build WORKDIR /source COPY ./.editorconfig .editorconfig From df870901ca5c4f1c7fca577f1cee765744933806 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 11:08:46 -0600 Subject: [PATCH 04/11] Fjx version --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index bf22e7c..6e2121b 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -4,7 +4,7 @@ # See the LICENSE and NOTICES files in the project root for more information. # Tag aspnet:8.0-alpine3.19-amd64 -FROM mcr.microsoft.com/dotnet/aspnet@sha256:df89fa1f564c4cffe3fea9a2082c50f141f0c709560fdcfc483a2d9b9c8399b4 +FROM mcr.microsoft.com/dotnet/aspnet@sha256:1d9e1eb36eb822e7be487e7a11cd2350529e14e5e91484a08b501c9822867be4 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " ARG VERSION="1.2.1" From 63ec03906c6b24da46da72b3ff2a6aeeb34e9612 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 11:25:49 -0600 Subject: [PATCH 05/11] Add apk update to fix postgres installation error --- src/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 6e2121b..6ae77e7 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -21,7 +21,8 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect COPY ./Docker/run.sh /app/run.sh -RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql13-client=~13 icu=~74 curl=~8 && \ +RUN apk update \ + apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql13-client=~13 icu=~74 curl=~8 && \ wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \ unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \ mv /app/EdFi.ApiPublisher/* /app/ && \ From 16a4bd3cc114219b13833d8c5f4da380ed27cdf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 13:23:30 -0600 Subject: [PATCH 06/11] Update Dockerfile Upgrade openssl version to fix vulnerability --- src/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 6ae77e7..5aff560 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -21,8 +21,9 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect COPY ./Docker/run.sh /app/run.sh -RUN apk update \ +RUN apk update && \ apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql13-client=~13 icu=~74 curl=~8 && \ + apk add --upgrade openssl=3.1.7-r0 && \ wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \ unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \ mv /app/EdFi.ApiPublisher/* /app/ && \ From c8310a9d173f4e31fcf657b1a6ec985cf6719d86 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 13:40:26 -0600 Subject: [PATCH 07/11] Update Dockerfile Upgrade postgres client version --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index 5aff560..32af1ac 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -22,7 +22,7 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect COPY ./Docker/run.sh /app/run.sh RUN apk update && \ - apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql13-client=~13 icu=~74 curl=~8 && \ + apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql15-client=~15 icu=~74 curl=~8 && \ apk add --upgrade openssl=3.1.7-r0 && \ wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \ unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \ From 133246fb7e03ba992af0767da25691547c20a709 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 13:46:07 -0600 Subject: [PATCH 08/11] Update Dockerfile Fix openssl version --- src/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/Dockerfile b/src/Dockerfile index 32af1ac..baa5a4c 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -22,8 +22,7 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect COPY ./Docker/run.sh /app/run.sh RUN apk update && \ - apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 postgresql15-client=~15 icu=~74 curl=~8 && \ - apk add --upgrade openssl=3.1.7-r0 && \ + apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 gettext=~0 openssl=3.3.2-r0 postgresql15-client=~15 icu=~74 curl=~8 && \ wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \ unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \ mv /app/EdFi.ApiPublisher/* /app/ && \ From 618b7ac5f6887a0cec11d7c0e90008d1937be079 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 13:53:59 -0600 Subject: [PATCH 09/11] Update dev.Dockerfile Update version for dev docker file --- src/dev.Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index dd6717c..8738508 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -37,7 +37,7 @@ RUN dotnet publish -c Release -o /app/EdFi.Tools.ApiPiblisher.Cli --no-build --n # Tag aspnet:8.0 alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d +FROM mcr.microsoft.com/dotnet/aspnet@sha256:1d9e1eb36eb822e7be487e7a11cd2350529e14e5e91484a08b501c9822867be4 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " # Alpine image does not contain Globalization Cultures library so we need to install ICU library to get fopr LINQ expression to work @@ -53,7 +53,7 @@ COPY ./Docker/logging.template.json /app/logging.template.json COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnections.template.json COPY ./Docker/run.sh /app/run.sh -RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 icu=~74 curl=~8 && \ +RUN apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 openssl=3.3.2-r0 gettext=~0 icu=~74 curl=~8 && \ dos2unix /app/*.json && \ dos2unix /app/*.sh && \ chmod 700 /app/*.sh -- ** && \ From 2413b21834dc1bd511815ea79a4fd13de5240213 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 16 Oct 2024 14:14:17 -0600 Subject: [PATCH 10/11] Update Dockerfile Update postgres to version 16 --- src/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Dockerfile b/src/Dockerfile index baa5a4c..803c538 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -22,7 +22,7 @@ COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnect COPY ./Docker/run.sh /app/run.sh RUN apk update && \ - apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 gettext=~0 openssl=3.3.2-r0 postgresql15-client=~15 icu=~74 curl=~8 && \ + apk --no-cache add --upgrade unzip=~6 dos2unix=~7 bash=~5 gettext=~0 openssl=3.3.2-r0 postgresql16-client=~16 icu=~74 curl=~8 && \ wget -nv -O /app/ApiPublisher.zip https://pkgs.dev.azure.com/ed-fi-alliance/Ed-Fi-Alliance-OSS/_apis/packaging/feeds/EdFi/nuget/packages/EdFi.ApiPublisher/versions/${VERSION}/content && \ unzip /app/ApiPublisher.zip 'EdFi.ApiPublisher/**' -d /app/ && \ mv /app/EdFi.ApiPublisher/* /app/ && \ From 49f978a87e4beca29b43cb0bf7bc4ceb293b0f3d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Thu, 17 Oct 2024 08:28:11 -0600 Subject: [PATCH 11/11] Add version to clarify source --- src/Dockerfile | 4 ++-- src/dev.Dockerfile | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Dockerfile b/src/Dockerfile index 803c538..86a7120 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -3,8 +3,8 @@ # The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0. # See the LICENSE and NOTICES files in the project root for more information. -# Tag aspnet:8.0-alpine3.19-amd64 -FROM mcr.microsoft.com/dotnet/aspnet@sha256:1d9e1eb36eb822e7be487e7a11cd2350529e14e5e91484a08b501c9822867be4 +# Tag aspnet:8.0-alpine3.20 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine3.20@sha256:b5b7dec8006fe016cc864f618cf60eab24fb7d7a28c8ecf4f6b90ceeaa5cf9f2 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " ARG VERSION="1.2.1" diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index 8738508..bd62452 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -5,7 +5,7 @@ # tag sdk:8.0 alpine -FROM mcr.microsoft.com/dotnet/sdk@sha256:df89fa1f564c4cffe3fea9a2082c50f141f0c709560fdcfc483a2d9b9c8399b4 AS build +FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine3.20@sha256:07cb8622ca6c4d7600b42b2eccba968dff4b37d41b43a9bf4bd800aa02fab117 AS build WORKDIR /source COPY ./.editorconfig .editorconfig @@ -37,7 +37,7 @@ RUN dotnet publish -c Release -o /app/EdFi.Tools.ApiPiblisher.Cli --no-build --n # Tag aspnet:8.0 alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:1d9e1eb36eb822e7be487e7a11cd2350529e14e5e91484a08b501c9822867be4 +FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine3.20@sha256:b5b7dec8006fe016cc864f618cf60eab24fb7d7a28c8ecf4f6b90ceeaa5cf9f2 LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " # Alpine image does not contain Globalization Cultures library so we need to install ICU library to get fopr LINQ expression to work