Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CFN Fix, Docker update #283

Merged
merged 13 commits into from
Jun 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/push-ocr-public.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,15 @@ jobs:

# Get OCR Repo Information
- name: Get OCR Repository
uses: oracle-actions/get-ocir-repository@v1.2.1
uses: oracle-actions/get-ocir-repository@v1.3.0
id: get-ocir-repository
with:
name: electriceye
compartment: ${{ secrets.OCI_COMPARTMENT_OCID }}

# Log into OCR with AuthKey
- name: OCR Login
uses: oracle-actions/login-ocir@v1.2.1
uses: oracle-actions/login-ocir@v1.3.0
id: login-ocir
with:
auth_token: ${{ secrets.OCR_AUTHKEY }}
Expand Down
16 changes: 8 additions & 8 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,10 @@
#specific language governing permissions and limitations
#under the License.

# latest hash as of 25 JAN 2024 - Alpine 3.19.1
# https://hub.docker.com/layers/library/alpine/3.19.1/images/sha256-6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0?context=explore&tab=vulnerabilities
# latest hash as of 21 JUNE 2024 - Alpine 3.20.1
# https://hub.docker.com/layers/library/alpine/3.20.1/images/sha256-dabf91b69c191a1a0a1628fd6bdd029c0c4018041c7f052870bb13c5a222ae76?context=explore
# use as builder image to pull in required deps
FROM alpine@sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0 AS builder
FROM alpine@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 AS builder

ENV PYTHONUNBUFFERED=1

Expand All @@ -40,19 +40,19 @@ RUN \
rm -rf /tmp/* && \
rm -f /var/cache/apk/*

# latest hash as of 25 JAN 2024 - Alpine 3.19.1
# https://hub.docker.com/layers/library/alpine/3.19.1/images/sha256-6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0?context=explore&tab=vulnerabilities
FROM alpine@sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0 as electriceye
# latest hash as of 21 JUNE 2024 - Alpine 3.20.1
# https://hub.docker.com/layers/library/alpine/3.20.1/images/sha256-dabf91b69c191a1a0a1628fd6bdd029c0c4018041c7f052870bb13c5a222ae76?context=explore
FROM alpine@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 as electriceye

COPY --from=builder /usr /usr

LABEL \
org.opencontainers.image.title="ElectricEye" \
org.opencontainers.image.description="ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks." \
org.opencontainers.image.version="3.0" \
org.opencontainers.image.created="2024-02-02T00:00:00Z" \
org.opencontainers.image.created="2024-06-24T00:00:00Z" \
org.opencontainers.image.documentation="https://github.com/jonrau1/ElectricEye" \
org.opencontainers.image.revision="sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0" \
org.opencontainers.image.revision="sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0" \
org.opencontainers.image.source="https://github.com/alpinelinux/docker-alpine" \
org.opencontainers.image.licenses="Apache-2.0" \
org.opencontainers.image.authors="[email protected]"
Expand Down
12 changes: 6 additions & 6 deletions cloudformation/ElectricEye_Organizations_StackSet.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -177,10 +177,10 @@ Resources:
- memorydb:Describe*
- mq:Describe*
- mq:List*
- qbusiness:L*
- qldb:ListJournalS3Exports
- qbusiness:D*
- qldb:ListLedgers
- qbusiness:GetApplication
- qbusiness:ListApplications
- ram:GetResourceShares
- rds:DescribeDB*
- rds:DescribeEvent*
Expand All @@ -206,7 +206,7 @@ Resources:
- securityhub:BatchIm*
- securityhub:DescribeHub
- shield:Describ*
- shield:ListAttacks
- shield:ListA*
- sns:GetTopicAttributes
- sns:ListSub*
- ssm:ListDocuments
Expand All @@ -220,9 +220,9 @@ Resources:
- support:DescribeTrustedA*
- vpc-lattice:Get*
- vpc-lattice:List*
- wafv2:GetLoggingConfiguration
- wafv2:GetLogging*
- wafv2:GetWeb*
- wafv2:ListWebACLs
- wafv2:ListW*
- workspaces:DescribeWorkspaceDirectories
- workspaces:DescribeWorkspaces
- xray:GetEncryptionConfig
Expand All @@ -242,4 +242,4 @@ Resources:
-
Key: Service
Value: ElectricEye
# END
# END
2 changes: 1 addition & 1 deletion requirements-docker.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
awscli>=1.32.108
boto3>=1.34.108
click==8.1.7
detect-secrets==1.4.0
detect-secrets==1.5.0
google-api-python-client>=2.88.0
oci>=2.104.0
pluginbase==1.0.1
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
awscli>=1.32.108
boto3>=1.34.108
click==8.1.7
detect-secrets==1.4.0
detect-secrets==1.5.0
google-api-python-client>=2.88.0
matplotlib>=3.9.0
oci>=2.104.0
Expand Down
Loading