corso

larryh/corso

Fork 0

Commit Graph

Author	SHA1	Message	Date
Snyk bot	37cd9b8ca2	[Snyk] Security upgrade amazonlinux from latest to 2 (#2310 ) Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image. #### Changes included in this PR - src/testfiles/otel_daemon/Dockerfile We recommend upgrading to `amazonlinux:2`, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected. Some of the most important vulnerabilities in your base image include: \| Severity \| Issue \| Exploit Maturity \| \| :------: \| :---- \| :--------------- \| \| ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity") \| Integer Overflow or Wraparound <br/>[SNYK-AMZN2-KRB5LIBS-3244096](https://snyk.io/vuln/SNYK-AMZN2-KRB5LIBS-3244096) \| No Known Exploit \| \| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") \| Out-of-bounds Write <br/>[SNYK-AMZN2-VIMDATA-3244105](https://snyk.io/vuln/SNYK-AMZN2-VIMDATA-3244105) \| No Known Exploit \| \| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity") \| Out-of-bounds Write <br/>[SNYK-AMZN2-VIMMINIMAL-3244088](https://snyk.io/vuln/SNYK-AMZN2-VIMMINIMAL-3244088) \| No Known Exploit \| --- Note: _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._ For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyYjU3YTIwZC00N2VhLTQ2MTItODhmMC0zMjQ4ZWRjZWIzM2UiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjJiNTdhMjBkLTQ3ZWEtNDYxMi04OGYwLTMyNDhlZGNlYjMzZSJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr) 🛠 [Adjust project settings](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr/settings) [//]: # 'snyk:metadata:{"prId":"2b57a20d-47ea-4612-88f0-3248edceb33e","prPublicId":"2b57a20d-47ea-4612-88f0-3248edceb33e","dependencies":[{"name":"amazonlinux","from":"latest","to":"2"}],"packageManager":"dockerfile","projectPublicId":"70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4","projectUrl":"https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMMINIMAL-3244088","SNYK-AMZN2-VIMDATA-3244105"],"upgrade":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMDATA-3244105","SNYK-AMZN2-VIMMINIMAL-3244088"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title"],"priorityScoreList":[null,null,null]}' --- Learn how to fix vulnerabilities with free interactive lessons: 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc=fix-pr)	2023-01-28 03:24:12 +00:00
Keepers	953f038395	Add AWS X-Ray support (#1111 ) ## Description Add aws xray observability tooling, plus ways to quickly and easily run the tools/load tests. Next steps are 1/ running the daemon container alongside the load tests within github, and 2/ creating client credentials in aws's xray service so that gathered trace info is propagated from the daemon proxy to the xray service. ## Type of change - [x] 🤖 Test - [x] 💻 CI/Deployment ## Issue(s) * #902 ## Test Plan - [x] 💪 Manual - [x] 💚 E2E	2022-10-27 17:55:50 +00:00

Author

SHA1

Message

Date

Snyk bot

37cd9b8ca2

[Snyk] Security upgrade amazonlinux from latest to 2 (#2310 )

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

#### Changes included in this PR 


- src/testfiles/otel_daemon/Dockerfile

We recommend upgrading to `amazonlinux:2`, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.



Some of the most important vulnerabilities in your base image include:

| Severity                                                                                                           | Issue                                                                     | Exploit Maturity      |
| :------:                                                                                                           | :----                                                                     | :---------------      |
| ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png "high severity")   | Integer Overflow or Wraparound <br/>[SNYK-AMZN2-KRB5LIBS-3244096](https://snyk.io/vuln/SNYK-AMZN2-KRB5LIBS-3244096)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | Out-of-bounds Write <br/>[SNYK-AMZN2-VIMDATA-3244105](https://snyk.io/vuln/SNYK-AMZN2-VIMDATA-3244105)   | No Known Exploit   |
| ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png "medium severity")   | Out-of-bounds Write <br/>[SNYK-AMZN2-VIMMINIMAL-3244088](https://snyk.io/vuln/SNYK-AMZN2-VIMMINIMAL-3244088)   | No Known Exploit   |



---

**Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs._

For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiIyYjU3YTIwZC00N2VhLTQ2MTItODhmMC0zMjQ4ZWRjZWIzM2UiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjJiNTdhMjBkLTQ3ZWEtNDYxMi04OGYwLTMyNDhlZGNlYjMzZSJ9fQ==" width="0" height="0"/>
🧐 [View latest project report](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr)

🛠 [Adjust project settings](https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;fix-pr/settings)

[//]: # 'snyk:metadata:{"prId":"2b57a20d-47ea-4612-88f0-3248edceb33e","prPublicId":"2b57a20d-47ea-4612-88f0-3248edceb33e","dependencies":[{"name":"amazonlinux","from":"latest","to":"2"}],"packageManager":"dockerfile","projectPublicId":"70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4","projectUrl":"https://app.snyk.io/org/asimonalcion.ai/project/70e8c43e-1af4-4f6c-97ce-f2acbe45f2f4?utm_source=github&utm_medium=referral&page=fix-pr","type":"auto","patch":[],"vulns":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMMINIMAL-3244088","SNYK-AMZN2-VIMDATA-3244105"],"upgrade":["SNYK-AMZN2-KRB5LIBS-3244096","SNYK-AMZN2-VIMDATA-3244105","SNYK-AMZN2-VIMMINIMAL-3244088"],"isBreakingChange":false,"env":"prod","prType":"fix","templateVariants":["updated-fix-title"],"priorityScoreList":[null,null,null]}'

---

**Learn how to fix vulnerabilities with free interactive lessons:**

 🦉 [Learn about vulnerability in an interactive lesson of Snyk Learn.](https://learn.snyk.io/?loc&#x3D;fix-pr)

2023-01-28 03:24:12 +00:00

Keepers

953f038395

Add AWS X-Ray support (#1111 )

## Description

Add aws xray observability tooling, plus ways to quickly and
easily run the tools/load tests.  Next steps are 1/ running the
daemon container alongside the load tests within github, and
2/ creating client credentials in aws's xray service so that
gathered trace info is propagated from the daemon proxy
to the xray service.

## Type of change

- [x] 🤖 Test
- [x] 💻 CI/Deployment

## Issue(s)

* #902

## Test Plan

- [x] 💪 Manual
- [x] 💚 E2E

2022-10-27 17:55:50 +00:00

2 Commits