From 77920e55fa4b3a30c6b27d4f0740a5460b04219d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Nov 2021 12:00:42 +0000 Subject: [PATCH 1/5] feat(deps): bump setuptools from 58.4.0 to 58.5.3 Bumps [setuptools](https://github.com/pypa/setuptools) from 58.4.0 to 58.5.3. - [Release notes](https://github.com/pypa/setuptools/releases) - [Changelog](https://github.com/pypa/setuptools/blob/main/CHANGES.rst) - [Commits](https://github.com/pypa/setuptools/compare/v58.4.0...v58.5.3) --- updated-dependencies: - dependency-name: setuptools dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 94a583b8..04404a48 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -setuptools==58.4.0 +setuptools==58.5.3 thrift==0.15.0 python-keystoneclient openstacksdk ==0.59.0 From d5353e00c7b8784dd7e8ede22812597165df5cb9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Nov 2021 12:00:45 +0000 Subject: [PATCH 2/5] feat(deps): bump ansible from 4.7.0 to 4.8.0 Bumps [ansible](https://github.com/ansible/ansible) from 4.7.0 to 4.8.0. - [Release notes](https://github.com/ansible/ansible/releases) - [Commits](https://github.com/ansible/ansible/commits) --- updated-dependencies: - dependency-name: ansible dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 94a583b8..69ef4f3a 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ python-keystoneclient openstacksdk ==0.59.0 deprecated == 1.2.13 Click==8.0.3 -ansible==4.7.0 +ansible==4.8.0 flake8==4.0.1 ruamel.yaml<0.18.0 paramiko==2.8.0 From 36bb0e647d94a0a5f7720ccc6645c0eda83c113c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Nov 2021 12:08:54 +0000 Subject: [PATCH 3/5] feat(deps): bump peter-evans/create-pull-request from 3.10.1 to 3.11.0 Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.1 to 3.11.0. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v3.10.1...v3.11.0) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/blacked.yml | 2 +- .github/workflows/update_docker_tags.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/blacked.yml b/.github/workflows/blacked.yml index 3d138c7c..7655e3d7 100644 --- a/.github/workflows/blacked.yml +++ b/.github/workflows/blacked.yml @@ -17,7 +17,7 @@ jobs: - name: Create Pull Request if: steps.git-check.outputs.modified == 'true' id: cpr - uses: peter-evans/create-pull-request@v3.10.1 + uses: peter-evans/create-pull-request@v3.11.0 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: fix(Linting):blacked code diff --git a/.github/workflows/update_docker_tags.yml b/.github/workflows/update_docker_tags.yml index 43f5cf02..ca6092b5 100644 --- a/.github/workflows/update_docker_tags.yml +++ b/.github/workflows/update_docker_tags.yml @@ -24,7 +24,7 @@ jobs: - name: Create Pull Request if: steps.git-check.outputs.modified == 'true' id: cpr - uses: peter-evans/create-pull-request@v3.10.1 + uses: peter-evans/create-pull-request@v3.11.0 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: feat(Dockerfile):updated dependencies From 520d67c6f8960bd9bdf5a592426156c7d9a08075 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Nov 2021 12:08:56 +0000 Subject: [PATCH 4/5] feat(deps): bump actions/checkout from 2.3.5 to 2.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/blacked.yml | 2 +- .github/workflows/build_image.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/master-protection.yml | 2 +- .github/workflows/publish_docker.yml | 2 +- .github/workflows/release_image.yml | 2 +- .github/workflows/update_docker_tags.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/blacked.yml b/.github/workflows/blacked.yml index 3d138c7c..d97a376b 100644 --- a/.github/workflows/blacked.yml +++ b/.github/workflows/blacked.yml @@ -4,7 +4,7 @@ jobs: format: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - name: Checking out Branch run: git checkout "${GITHUB_REF:11}" - name: black diff --git a/.github/workflows/build_image.yml b/.github/workflows/build_image.yml index 455355fe..68c3ca74 100644 --- a/.github/workflows/build_image.yml +++ b/.github/workflows/build_image.yml @@ -8,5 +8,5 @@ jobs: uses: rokroskar/workflow-run-cleanup-action@v0.3.3 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - run: docker build --no-cache . diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e508d04e..da6bc877 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2.3.5 + uses: actions/checkout@v2.4.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/master-protection.yml b/.github/workflows/master-protection.yml index 5376e4a7..3dae5218 100644 --- a/.github/workflows/master-protection.yml +++ b/.github/workflows/master-protection.yml @@ -14,7 +14,7 @@ jobs: uses: rokroskar/workflow-run-cleanup-action@v0.3.3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - name: Check Tag run: | diff --git a/.github/workflows/publish_docker.yml b/.github/workflows/publish_docker.yml index c61f1ae8..e64fe7a5 100644 --- a/.github/workflows/publish_docker.yml +++ b/.github/workflows/publish_docker.yml @@ -15,7 +15,7 @@ jobs: uses: rokroskar/workflow-run-cleanup-action@v0.3.3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - name: Extract branch name shell: bash run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" diff --git a/.github/workflows/release_image.yml b/.github/workflows/release_image.yml index 7be6bf83..761be986 100644 --- a/.github/workflows/release_image.yml +++ b/.github/workflows/release_image.yml @@ -11,7 +11,7 @@ jobs: - name: Get the version id: get_version run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//} - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - name: Publish to Registry uses: elgohr/Publish-Docker-Github-Action@master with: diff --git a/.github/workflows/update_docker_tags.yml b/.github/workflows/update_docker_tags.yml index 43f5cf02..75004df7 100644 --- a/.github/workflows/update_docker_tags.yml +++ b/.github/workflows/update_docker_tags.yml @@ -14,7 +14,7 @@ jobs: uses: rokroskar/workflow-run-cleanup-action@v0.3.3 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - - uses: actions/checkout@v2.3.5 + - uses: actions/checkout@v2.4.0 - run: | python3 update_env_by_dockerfile.py Dockerfile.update .env.in echo $? From 182df6793aa0fb47603311cd696d45a8859d6313 Mon Sep 17 00:00:00 2001 From: vktrrdk Date: Wed, 10 Nov 2021 19:40:40 +0100 Subject: [PATCH 5/5] fix(Security): added missing return statements --- VirtualMachineService/VirtualMachineHandler.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/VirtualMachineService/VirtualMachineHandler.py b/VirtualMachineService/VirtualMachineHandler.py index 2a78dfc1..ca87e7ea 100644 --- a/VirtualMachineService/VirtualMachineHandler.py +++ b/VirtualMachineService/VirtualMachineHandler.py @@ -2204,13 +2204,13 @@ def create_snapshot(self, openstack_id, name, elixir_id, base_tags, description) LOG.exception("Create snapshot {0} error: {1}".format(openstack_id, e)) raise conflictException(Reason="409") + return None except Exception: LOG.exception("Instance {0} not found".format(openstack_id)) - return + return None try: snapshot = self.conn.get_image_by_id(snapshot_munch["id"]) snapshot_id = snapshot["id"] - # todo check again try: image = self.conn.get_image(name_or_id=snapshot_id) if description: @@ -2222,12 +2222,14 @@ def create_snapshot(self, openstack_id, name, elixir_id, base_tags, description) self.conn.image.add_tag(image=snapshot_id, tag=tag) except Exception: LOG.exception("Tag error catched") + return None try: self.conn.image.add_tag(image=snapshot_id, tag=elixir_id) except Exception: LOG.exception( f"Could not add Tag {elixir_id} to Snapshot: {snapshot_id}" ) + return None return snapshot_id except Exception as e: