From 4afbbf16d6d8d33e1f6a3a02273f160d39a494c2 Mon Sep 17 00:00:00 2001 From: Sravani Sanigepalli Date: Tue, 11 Jun 2024 12:13:24 +0530 Subject: [PATCH] CASMPET-6936 Adding images for strimzi kafka 0.41.0 --- .../strimzi/kafka-bridge/0.28.0/Dockerfile | 27 +++++++++++++ .../Dockerfile | 40 +++++++++++++++++++ .../Dockerfile | 40 +++++++++++++++++++ .../Dockerfile | 40 +++++++++++++++++++ .../Dockerfile | 40 +++++++++++++++++++ quay.io/strimzi/operator/1.41.0/Dockerfile | 27 +++++++++++++ 6 files changed, 214 insertions(+) create mode 100644 quay.io/strimzi/kafka-bridge/0.28.0/Dockerfile create mode 100644 quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.0/Dockerfile create mode 100644 quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.1/Dockerfile create mode 100644 quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.2/Dockerfile create mode 100644 quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.7.0/Dockerfile create mode 100644 quay.io/strimzi/operator/1.41.0/Dockerfile diff --git a/quay.io/strimzi/kafka-bridge/0.28.0/Dockerfile b/quay.io/strimzi/kafka-bridge/0.28.0/Dockerfile new file mode 100644 index 00000000..0a66e36c --- /dev/null +++ b/quay.io/strimzi/kafka-bridge/0.28.0/Dockerfile @@ -0,0 +1,27 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/kafka-bridge:0.28.0 +USER root +RUN microdnf -y update && microdnf clean all +USER 1001 diff --git a/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.0/Dockerfile b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.0/Dockerfile new file mode 100644 index 00000000..da3f9cf6 --- /dev/null +++ b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.0/Dockerfile @@ -0,0 +1,40 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/kafka:0.41.0-kafka-3.6.0 +USER root +RUN microdnf -y update && microdnf -y install zip && microdnf clean all + +# Mitigation for CVE-2021-4104 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSAppender.class + +# Mitigation for CVE-2022-23305 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/jdbc/JDBCAppender.class + +# Mitigation for CVE-2022-23307 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/chainsaw\* + +# Mitigation for CVE-2022-23302 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSSink.class + +USER 1001 diff --git a/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.1/Dockerfile b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.1/Dockerfile new file mode 100644 index 00000000..1c517bf7 --- /dev/null +++ b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.1/Dockerfile @@ -0,0 +1,40 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/kafka:0.41.0-kafka-3.6.1 +USER root +RUN microdnf -y update && microdnf -y install zip && microdnf clean all + +# Mitigation for CVE-2021-4104 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSAppender.class + +# Mitigation for CVE-2022-23305 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/jdbc/JDBCAppender.class + +# Mitigation for CVE-2022-23307 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/chainsaw\* + +# Mitigation for CVE-2022-23302 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSSink.class + +USER 1001 diff --git a/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.2/Dockerfile b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.2/Dockerfile new file mode 100644 index 00000000..ba1e7174 --- /dev/null +++ b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.6.2/Dockerfile @@ -0,0 +1,40 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/kafka:0.41.0-kafka-3.6.2 +USER root +RUN microdnf -y update && microdnf -y install zip && microdnf clean all + +# Mitigation for CVE-2021-4104 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSAppender.class + +# Mitigation for CVE-2022-23305 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/jdbc/JDBCAppender.class + +# Mitigation for CVE-2022-23307 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/chainsaw\* + +# Mitigation for CVE-2022-23302 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSSink.class + +USER 1001 diff --git a/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.7.0/Dockerfile b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.7.0/Dockerfile new file mode 100644 index 00000000..d9025d4e --- /dev/null +++ b/quay.io/strimzi/kafka/0.41.0-noJSM-chainsaw-kafka-3.7.0/Dockerfile @@ -0,0 +1,40 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/kafka:0.41.0-kafka-3.7.0 +USER root +RUN microdnf -y update && microdnf -y install zip && microdnf clean all + +# Mitigation for CVE-2021-4104 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSAppender.class + +# Mitigation for CVE-2022-23305 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/jdbc/JDBCAppender.class + +# Mitigation for CVE-2022-23307 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/chainsaw\* + +# Mitigation for CVE-2022-23302 +#RUN zip -q -d /opt/kafka/libs/log4j-1.2.17.jar org/apache/log4j/net/JMSSink.class + +USER 1001 diff --git a/quay.io/strimzi/operator/1.41.0/Dockerfile b/quay.io/strimzi/operator/1.41.0/Dockerfile new file mode 100644 index 00000000..306d285c --- /dev/null +++ b/quay.io/strimzi/operator/1.41.0/Dockerfile @@ -0,0 +1,27 @@ +# +# MIT License +# +# (C) Copyright [2022] Hewlett Packard Enterprise Development LP +# +# Permission is hereby granted, free of charge, to any person obtaining a +# copy of this software and associated documentation files (the "Software"), +# to deal in the Software without restriction, including without limitation +# the rights to use, copy, modify, merge, publish, distribute, sublicense, +# and/or sell copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included +# in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR +# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, +# ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. +# +FROM quay.io/strimzi/operator:0.41.0 +USER root +RUN microdnf -y update && microdnf clean all +USER 1001