UNCLASSIFIED

Commit 10cc3c3c authored by Vickie Shen's avatar Vickie Shen
Browse files

Merge branch 'sato-66' into 'development'

Sato 66

See merge request !19
parents 13b754a3 654c14c4
Pipeline #245339 passed with stages
in 33 minutes and 37 seconds
...@@ -39,6 +39,8 @@ RUN /opt/bitnami/scripts/airflow/postunpack.sh && \ ...@@ -39,6 +39,8 @@ RUN /opt/bitnami/scripts/airflow/postunpack.sh && \
tar xfz /local/wheels/thrift-0.14.1.tar.gz -C /local/wheels && \ tar xfz /local/wheels/thrift-0.14.1.tar.gz -C /local/wheels && \
pip install --no-index --no-deps /local/wheels/thrift-0.14.1/lib/py && \ pip install --no-index --no-deps /local/wheels/thrift-0.14.1/lib/py && \
rm -rf /local/wheels/thrift-0.14.1* && \ rm -rf /local/wheels/thrift-0.14.1* && \
# Remove Elasticsearch 7.5.1 due to high findings CVE-2020-7019 CVE-2020-7021 CVE-2020-7020 CVE-2020-7014 CVE-2020-7009
rm -rf /opt/bitnami/airflow/venv/lib/python3.8/site-packages/elasticsearch && rm -rf /opt/bitnami/airflow/venv/lib/python3.8/site-packages/elasticsearch-7.5* && \
for f in $(ls -l /local/wheels | awk '{print $9}' |sed '/^$/d'); do pip install --no-index --no-deps /local/wheels/$f; done && \ for f in $(ls -l /local/wheels | awk '{print $9}' |sed '/^$/d'); do pip install --no-index --no-deps /local/wheels/$f; done && \
find /opt/bitnami/airflow/venv/lib/python3.8/site-packages -name "*.pem" -o -name "*.key" | egrep ".*test.*/.*\.pem|.*test.*/.*\.key" | xargs rm -f && \ find /opt/bitnami/airflow/venv/lib/python3.8/site-packages -name "*.pem" -o -name "*.key" | egrep ".*test.*/.*\.pem|.*test.*/.*\.key" | xargs rm -f && \
rm -rf /local/* rm -rf /local/*
......
...@@ -6,7 +6,8 @@ Project template for all Iron Bank container repositories. ...@@ -6,7 +6,8 @@ Project template for all Iron Bank container repositories.
> Airflow is a platform to programmatically author, schedule and monitor workflows. > Airflow is a platform to programmatically author, schedule and monitor workflows.
https://airflow.apache.org/ https://airflow.apache.org/
### Ironbank Hardened Image Notes:
apache-airflow-providers-elasticsearch will not work on this image due to vulnerabilities with Elasticsearch 7.5.1 (Removed)
# TL;DR # TL;DR
## Docker Compose ## Docker Compose
......
...@@ -73,6 +73,11 @@ resources: ...@@ -73,6 +73,11 @@ resources:
validation: validation:
type: sha256 type: sha256
value: 6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc value: 6ad9c7bdf517a808242b998ac20063c41532a570d088d77eec1ee12b0b5574bc
- filename: astroid-2.5.1-py3-none-any.whl
url: https://files.pythonhosted.org/packages/f1/49/d51e5ce77ea234ee416966e489283512a9852f78d9ff125747eae29e7b69/astroid-2.5.1-py3-none-any.whl
validation:
type: sha256
value: 21d735aab248253531bb0f1e1e6d068f0ee23533e18ae8a6171ff892b98297cf
# List of project maintainers # List of project maintainers
maintainers: maintainers:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment