
Commit 6a24964

Security patches (#371)
* security patch: update cf-errors * security patches, Dockerfile: change the node base image change the way jq and yq are installed clean yarn cache remove yarn from the prod image * Update codefresh.yml * Update package version
1 parent ecb0e20 commit 6a24964


4 files changed

+594
-389
lines changed


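--- a/Dockerfile
+++ b/Dockerfile
@@ -1,22 +1,34 @@
 FROM golang:alpine as go
 
-RUN apk add --update ca-certificates git
+RUN apk --update add ca-certificates git
+
 RUN go get github.com/github/hub
 
-FROM node:10.15.3-alpine
+FROM codefresh/node:10.15.3-alpine3.11
+
+RUN apk --update add --no-cache ca-certificates git curl bash yarn
 
-RUN apk add --update ca-certificates git curl jq py-pip bash && pip install yq
 COPY --from=go /go/bin/hub /usr/local/bin/hub
+
+ARG JQ_VERSION=1.6
+ARG YQ_VERSION=2.4.1
+
+RUN wget -O /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \
+wget -O /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 && \
+chmod +x /usr/local/bin/*
+
 WORKDIR /cf-cli
 
 COPY package.json /cf-cli
 COPY check-version.js /cf-cli
 
-RUN yarn --prod install
+RUN yarn install --prod --frozen-lockfile && \
+yarn cache clean
 
 COPY . /cf-cli
 
 RUN yarn generate-completion
+RUN apk del yarn
 
 RUN ln -s $(pwd)/lib/interface/cli/codefresh /usr/local/bin/codefresh
 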
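Review bot: The added `RUN wget …` step installs jq and yq as release binaries without any integrity check, so the image trusts whatever the two download URLs serve at build time; pinning `JQ_VERSION`/`YQ_VERSION` fixes the asset name, not its content. Declare one SHA-256 per binary as an `ARG` and verify it with `sha256sum -c` before the files are made executable, as sketched below (the digest values are placeholders to be filled in from the pinned releases). The same step ends with `chmod +x /usr/local/bin/*`, which also touches `hub` and anything the base image ships in that directory; naming the two downloaded files keeps the change scoped to them.

```dockerfile
# … unchanged: ARG JQ_VERSION, ARG YQ_VERSION …
# Placeholder digests: replace with the SHA-256 of each pinned release asset.
ARG JQ_SHA256=REPLACE_WITH_JQ_LINUX64_SHA256
ARG YQ_SHA256=REPLACE_WITH_YQ_LINUX_AMD64_SHA256

RUN wget -O /usr/local/bin/jq https://github.com/stedolan/jq/releases/download/jq-${JQ_VERSION}/jq-linux64 && \
    wget -O /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 && \
    echo "${JQ_SHA256}  /usr/local/bin/jq" | sha256sum -c - && \
    echo "${YQ_SHA256}  /usr/local/bin/yq" | sha256sum -c - && \
    chmod +x /usr/local/bin/jq /usr/local/bin/yq
```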

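--- a/codefresh.yml
+++ b/codefresh.yml
@@ -12,19 +12,19 @@ steps:
 
 install_dependencies:
 title: 'Installing testing dependencies'
-image: codefresh/node-tester-image:8.8.0
+image: codefresh/node-tester-image:10.15.3
 commands:
 - yarn install --frozen-lockfile
 
 eslint:
 title: 'Running linting logic'
-image: codefresh/node-tester-image:8.8.0
+image: codefresh/node-tester-image:10.15.3
 commands:
 - yarn eslint
 
 unit-tests:
 title: 'Running unit tests'
-image: codefresh/node-tester-image:8.8.0
+image: codefresh/node-tester-image:10.15.3
 commands:
 - yarn test
 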

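--- a/package.json
+++ b/package.json
@@ -34,7 +34,7 @@
 "@codefresh-io/docker-reference": "^0.0.5",
 "ajv": "^6.6.1",
 "bluebird": "^3.5.1",
-"cf-errors": "^0.1.11",
+"cf-errors": "^0.1.12",
 "chalk": "^1.1.3",
 "cli-progress": "^1.6.1",
 "codefresh-sdk": "1.4.0",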
