From 6991f7a53a976f8de70b1a5e7a0a270b80f4523e Mon Sep 17 00:00:00 2001 From: Yaroslav Drachenko Date: Wed, 24 May 2023 11:58:52 +0300 Subject: [PATCH] CR-18675 -- vuln (#816) --- Dockerfile | 2 +- Dockerfile-debian | 2 +- Dockerfile-debian-rootless | 2 +- Dockerfile-rootless | 2 +- codefresh-release.yml | 9 ++++---- codefresh.yml | 31 ++++++++++++++++++++++++- package.json | 2 +- yarn.lock | 46 ++++++++++++++------------------------ 8 files changed, 56 insertions(+), 40 deletions(-) diff --git a/Dockerfile b/Dockerfile index fb5b0f4a1..dc23238d4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,7 @@ RUN pip install yq==${YQ_VERSION} RUN pyinstaller --noconfirm --onefile --log-level DEBUG --clean --distpath /tmp/ $(which yq) # Main -FROM node:18.14.1-alpine3.17 +FROM node:18.16.0-alpine3.17 RUN apk --update add --no-cache ca-certificates git curl bash jq diff --git a/Dockerfile-debian b/Dockerfile-debian index ef1fbb217..9c9771279 100644 --- a/Dockerfile-debian +++ b/Dockerfile-debian @@ -11,7 +11,7 @@ RUN pip install yq==${YQ_VERSION} RUN pyinstaller --noconfirm --onefile --log-level DEBUG --clean --distpath /tmp/ $(which yq) # Main -FROM node:18.14.1-bullseye-slim +FROM node:18.16.0-bullseye-slim RUN apt update RUN apt -y install ca-certificates git curl bash jq busybox && ln -s /bin/busybox /usr/bin/[[ diff --git a/Dockerfile-debian-rootless b/Dockerfile-debian-rootless index 1dceda252..a272b9cb7 100644 --- a/Dockerfile-debian-rootless +++ b/Dockerfile-debian-rootless @@ -11,7 +11,7 @@ RUN pip install yq==${YQ_VERSION} RUN pyinstaller --noconfirm --onefile --log-level DEBUG --clean --distpath /tmp/ $(which yq) # Main -FROM node:18.14.1-bullseye-slim +FROM node:18.16.0-bullseye-slim RUN apt update RUN apt -y install ca-certificates git curl bash jq busybox && ln -s /bin/busybox /usr/bin/[[ diff --git a/Dockerfile-rootless b/Dockerfile-rootless index ae19d373a..0d1ff78ff 100644 --- a/Dockerfile-rootless +++ b/Dockerfile-rootless @@ -11,7 +11,7 @@ RUN pip install yq==${YQ_VERSION} RUN pyinstaller --noconfirm --onefile --log-level DEBUG --clean --distpath /tmp/ $(which yq) # Main -FROM node:18.14.1-alpine3.17 +FROM node:18.16.0-alpine3.17 RUN apk --update add --no-cache ca-certificates git curl bash jq diff --git a/codefresh-release.yml b/codefresh-release.yml index 0e882c15f..3c3d7d670 100644 --- a/codefresh-release.yml +++ b/codefresh-release.yml @@ -445,14 +445,13 @@ steps: update_documentation: stage: documentation title: "Update documentation http://cli.codefresh.io" - image: docker:18.01 + image: codefresh/build-cli commands: - - "apk update && apk add git nodejs" - - "npm install" + - "yarn" - "echo cleaning previous public dir and recreating worktree" - - "rm -rf public && git worktree prune && git worktree add -B gh-pages public origin/gh-pages" + - "rm -rf public && git worktree prune && git worktree add -B gh-pages public origin/gh-pages" - "echo Building public docs" - - "npm run build-public-docs" + - "yarn run build-public-docs" - "echo Push new docs to gh-pages detached branch" - 'git config --global user.email "auto-ci@codefresh.io" && git config --global user.name "Automated CI"' - 'cd public && git add --all && git commit -m "Publish new documentation for version ${{PACKAGE_VERSION}}" && git push https://${{GITHUB_TOKEN}}@github.com/codefresh-io/cli.git' diff --git a/codefresh.yml b/codefresh.yml index f6875ef16..f7946ac49 100644 --- a/codefresh.yml +++ b/codefresh.yml @@ -328,7 +328,7 @@ steps: type: codefresh-run arguments: PIPELINE_ID: 'codefresh-io/cli/release' - DETACH: true + TRIGGER_ID: codefresh-io/cli_1 BRANCH: master VARIABLE: - PACKAGE_VERSION=${{PACKAGE_VERSION}} @@ -342,3 +342,32 @@ steps: - name: create_manifest_list on: - success + + execute_e2e_pipeline: + stage: final + title: "Execute E2E pipeline for image of this commit" + type: codefresh-run + arguments: + PIPELINE_ID: 'cli-v1-e2e/root' + VARIABLE: + - CLI_VERSION=${{CF_SHORT_REVISION}} + when: + steps: + - name: push_step_alpine + on: + - success + + build_documentation: + stage: test + title: "build documentation http://cli.codefresh.io" + image: codefresh/build-cli + commands: + - "echo Building public docs" + - "yarn run build-public-docs" + environment: + - HUGO_VERSION=0.32.0 + when: + steps: + - name: install_dependencies + on: + - success diff --git a/package.json b/package.json index 7a3c88610..f15379141 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "codefresh", - "version": "0.84.1", + "version": "0.84.2", "description": "Codefresh command line utility", "main": "index.js", "preferGlobal": true, diff --git a/yarn.lock b/yarn.lock index d2a39aa89..c21b811f1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2763,9 +2763,9 @@ html-encoding-sniffer@^1.0.2: whatwg-encoding "^1.0.1" http-cache-semantics@^4.0.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390" - integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ== + version "4.1.1" + resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz#abe02fcb2985460bf0323be664436ec3476a6d5a" + integrity sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ== "http-parser-js@>=0.4.0 <0.4.11": version "0.4.10" @@ -3700,9 +3700,9 @@ jest@^23.6.0: jest-cli "^23.6.0" jose@^1.25.2: - version "1.27.0" - resolved "https://registry.yarnpkg.com/jose/-/jose-1.27.0.tgz#2b2b70978efdeeb0a0804e930a07992aede1ab91" - integrity sha512-SxYPCM9pWDaK070CXbxgL4ktVzLlE0yJxevDJtbWxv2WMQwYfpBZLYlG8PhChsiOfOXp6FrceRgTuZh1vZeDlg== + version "1.28.2" + resolved "https://registry.yarnpkg.com/jose/-/jose-1.28.2.tgz#97f4aa608d0020ae5c1051a2a33247b957401e5a" + integrity sha512-wWy51U2MXxYi3g8zk2lsQ8M6O1lartpkxuq1TYexzPKYLgHLZkCjklaATP36I5BUoWjF2sInB9U1Qf18fBZxNA== dependencies: "@panva/asn1.js" "^1.0.0" @@ -4247,14 +4247,7 @@ mimic-response@^2.0.0: resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-2.1.0.tgz#d13763d35f613d09ec37ebb30bac0469c0ee8f43" integrity sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA== -minimatch@^3.0.3, minimatch@^3.0.4: - version "3.0.4" - resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.0.4.tgz#5166e286457f03306064be5497e8dbb0c3d32083" - integrity sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA== - dependencies: - brace-expansion "^1.1.7" - -minimatch@^3.0.5: +minimatch@^3.0.3, minimatch@^3.0.4, minimatch@^3.0.5: version "3.1.2" resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-3.1.2.tgz#19cd194bfd3e428f049a70817c038d89ab4be35b" integrity sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw== @@ -4830,12 +4823,7 @@ path-key@^3.1.0: resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375" integrity sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q== -path-parse@^1.0.5, path-parse@^1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.6.tgz#d62dbb5679405d72c4737ec58600e9ddcf06d24c" - integrity sha512-GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw== - -path-parse@^1.0.7: +path-parse@^1.0.5, path-parse@^1.0.6, path-parse@^1.0.7: version "1.0.7" resolved "https://registry.yarnpkg.com/path-parse/-/path-parse-1.0.7.tgz#fbc114b60ca42b30d9daf5858e4bd68bbedb6735" integrity sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw== @@ -6326,9 +6314,9 @@ unbzip2-stream@^1.0.9: through "^2.3.8" underscore@^1.9.1: - version "1.10.2" - resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.10.2.tgz#73d6aa3668f3188e4adb0f1943bd12cfd7efaaaf" - integrity sha512-N4P+Q/BuyuEKFJ43B9gYuOj4TQUHXX+j2FqguVOpjkssLUUrnJofCcBccJSCoeturDoZU6GorDTHSvUDlSQbTg== + version "1.13.6" + resolved "https://registry.yarnpkg.com/underscore/-/underscore-1.13.6.tgz#04786a1f589dc6c09f761fc5f45b89e935136441" + integrity sha512-+A5Sja4HP1M08MaXya7p5LvjuM7K6q/2EaC0+iovj/wOcMsTzMvDFbasi/oSapiwOlt252IqsKqPjCl7huKS0A== union-value@^1.0.0: version "1.0.1" @@ -6639,16 +6627,16 @@ ws@^5.2.0: async-limiter "~1.0.0" ws@^6.1.0: - version "6.2.1" - resolved "https://registry.yarnpkg.com/ws/-/ws-6.2.1.tgz#442fdf0a47ed64f59b6a5d8ff130f4748ed524fb" - integrity sha512-GIyAXC2cB7LjvpgMt9EKS2ldqr0MTrORaleiOno6TweZ6r3TKtoFQWay/2PceJ3RuBasOHzXNn5Lrw1X0bEjqA== + version "6.2.2" + resolved "https://registry.yarnpkg.com/ws/-/ws-6.2.2.tgz#dd5cdbd57a9979916097652d78f1cc5faea0c32e" + integrity sha512-zmhltoSR8u1cnDsD43TX59mzoMZsLKqUweyYBAIvTngR3shc0W6aOZylZmq/7hqyVxPdi+5Ud2QInblgyE72fw== dependencies: async-limiter "~1.0.0" ws@^7.2.3: - version "7.3.0" - resolved "https://registry.yarnpkg.com/ws/-/ws-7.3.0.tgz#4b2f7f219b3d3737bc1a2fbf145d825b94d38ffd" - integrity sha512-iFtXzngZVXPGgpTlP1rBqsUK82p9tKqsWRPg5L56egiljujJT3vGAYnHANvFxBieXrTFavhzhxW52jnaWV+w2w== + version "7.5.9" + resolved "https://registry.yarnpkg.com/ws/-/ws-7.5.9.tgz#54fa7db29f4c7cec68b1ddd3a89de099942bb591" + integrity sha512-F+P9Jil7UiSKSkppIiD94dN07AwvFixvLIj1Og1Rl9GGMuNipJnV9JzjD6XuqmAeiswGvUmNLjr5cFuXwNS77Q== xml-name-validator@^3.0.0: version "3.0.0"