From dcb56ff7284957d1995c5b96bd3201e282e1ece8 Mon Sep 17 00:00:00 2001
From: lolorol
Date: Thu, 8 Apr 2021 03:19:27 +0000
Subject: [PATCH] Update security patch for python
---
 .pip_to_patch_latest | 24 ++++++++++++++++++++++++
 Dockerfile | 10 +++++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 .pip_to_patch_latest
diff --git a/.pip_to_patch_latest b/.pip_to_patch_latest
new file mode 100644
index 000000000..c640df742
--- /dev/null
+++ b/.pip_to_patch_latest
@@ -0,0 +1,24 @@
+boto3
+botocore
+certifi
+chardet
+checkov
+colorama
+cryptography
+distro-info
+dnspython
+docutils
+gitdb
+GitPython
+httplib2
+idna
+Jinja2
+junit-xml
+lark-parser
+packaging
+PyYAML
+setuptools
+smmap
+tabulate
+tqdm
+urllib3
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index cf40e05a8..7254b1d8f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -46,6 +46,9 @@ ENV SSH_PASSWD=${SSH_PASSWD} \
 LC_ALL=en_US.UTF-8 \
 DEBIAN_FRONTEND=noninteractive
+WORKDIR /tf/rover
+COPY ./.pip_to_patch_latest .
+
 # installation tools
 RUN apt-get update && \
 apt-get install -y \
@@ -162,6 +165,11 @@ RUN apt-get update && \
 fonts-powerline \
 jq=${versionJq}-1ubuntu0.20.04.1 && \
 #
+ # Patch
+ # to regenerate the list - pip3 list --outdated --format=columns |tail -n +3|cut -d" " -f1 > pip_to_patch_latest
+ #
+ for i in $(cat ./.pip_to_patch_latest); do pip3 install $i --upgrade; done && \
+ #
 # Clean-up
 #
 apt-get remove -y \
@@ -198,7 +206,7 @@ RUN apt-get update && \
 echo "export HISTCONTROL=ignoredups:erasedups" >> "/home/${USERNAME}/.bashrc" && \
 echo "PROMPT_COMMAND=\"${PROMPT_COMMAND:+$PROMPT_COMMAND$'\n'}history -a; history -c; history -r\"" >> "/home/${USERNAME}/.bashrc"
-WORKDIR /tf/rover
+
 COPY ./scripts/rover.sh .
 COPY ./scripts/tfstate_azurerm.sh .
 COPY ./scripts/functions.sh .
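Review bot: Every entry in this list is a bare name with no version, so the patch level of the image is whatever PyPI serves on the day it is built, and two builds of the same commit can differ. Pin each line (`cryptography==<version>`), or keep the names here and add a constraints file with versions and hashes so pip can be run with `--require-hashes`. Entries that originate from distro packages (`distro-info` looks like one; confirm) should be checked to make sure the PyPI project of that name is the same upstream before pip is allowed to replace them.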
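Review bot: `WORKDIR /tf/rover` now takes effect before the large `RUN` that follows, so every relative path in that step resolves under `/tf/rover` instead of the previous working directory. Most of that `RUN` body lies outside the hunk, so this needs checking against the full file. Copying the list this early also means any edit to `.pip_to_patch_latest` invalidates the build cache for the whole apt/tooling layer. A separate `COPY ./.pip_to_patch_latest .` and `RUN pip3 install …` step placed after the tooling layer would keep both effects local to the upgrade.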
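Review bot: The `for` loop returns only the status of its last `pip3 install`, so a failed upgrade of any earlier package (for example `cryptography`) is ignored by the `&& \` chain and the image builds with the unpatched version. A single call, `pip3 install --upgrade -r ./.pip_to_patch_latest && \`, fails the build on any error and lets pip resolve the set together rather than one package at a time, which can otherwise leave mutually incompatible versions (e.g. `boto3`/`botocore`). The regenerate comment writes to `pip_to_patch_latest` without the leading dot, which is not the file this step reads. The enclosing `RUN` starts and ends outside the hunk.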