search

openimsdk / openim-docker

openim-docker configuration for deploying OpenIM. Provides a build solution for a stable distribution, as well as a docker compose deployment strategy
https://openim.io
Apache License 2.0
36 stars 46 forks source link

fix: fix Security vulnerability #61

Closed cubxxw closed 8 months ago

cubxxw commented 8 months ago


πŸ” What type of PR is this?

πŸ‘€ What this PR does / why we need it:

πŸ…° Which issue(s) this PR fixes:

Fixes #

πŸ“ Special notes for your reviewer:

🎯 Describe how to verify it

πŸ“‘ Additional documentation e.g., RFC, notion, Google docs, usage docs, etc.:

sweep-ai[bot] commented 8 months ago

Apply Sweep Rules to your PR?

sweep-ai[bot] commented 8 months ago
Sweeping Fixing PR: track the progress here.

I'm currently fixing this PR to address the following:

[Sweep GHA Fix] The GitHub Actions run failed with the following error logs: ``` The command: Run ./scripts/init-config.sh --force yielded the following error: ##[error]Process completed with exit code 1. ##[group]Run ./scripts/init-config.sh --force ./scripts/init-config.sh --force docker-compose -f example/volume-all-server.yml up -d docker-compose -f example/volume-all-server.yml ps docker-compose -f example/volume-all-server.yml down shell: /usr/bin/bash -e {0} ##[endgroup] Generating configuration file... Configuration file generated. The MYSQL_PORT variable is not set. Defaulting to a blank string. The MYSQL_PASSWORD variable is not set. Defaulting to a blank string. The MYSQL_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The MONGO_PORT variable is not set. Defaulting to a blank string. The MONGO_USERNAME variable is not set. Defaulting to a blank string. The MONGO_PASSWORD variable is not set. Defaulting to a blank string. The MONGO_DATABASE variable is not set. Defaulting to a blank string. The MONGO_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The REDIS_PORT variable is not set. Defaulting to a blank string. The REDIS_PASSWORD variable is not set. Defaulting to a blank string. The REDIS_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The ZOOKEEPER_PORT variable is not set. Defaulting to a blank string. The ZOOKEEPER_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The KAFKA_PORT variable is not set. Defaulting to a blank string. The SERVER_IMAGE_VERSION variable is not set. Defaulting to a blank string. The DOCKER_BRIDGE_GATEWAY variable is not set. Defaulting to a blank string. The KAFKA_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The MINIO_PORT variable is not set. Defaulting to a blank string. The MINIO_ACCESS_KEY variable is not set. Defaulting to a blank string. The MINIO_SECRET_KEY variable is not set. Defaulting to a blank string. The MINIO_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The IMAGE_REGISTRY variable is not set. Defaulting to a blank string. The OPENIM_WEB_DIST_PATH variable is not set. Defaulting to a blank string. The OPENIM_WEB_PORT variable is not set. Defaulting to a blank string. The OPENIM_WEB_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The OPENIM_WS_PORT variable is not set. Defaulting to a blank string. The API_OPENIM_PORT variable is not set. Defaulting to a blank string. The OPENIM_SERVER_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The CHAT_IMAGE_VERSION variable is not set. Defaulting to a blank string. The OPENIM_CHAT_API_PORT variable is not set. Defaulting to a blank string. The OPENIM_ADMIN_API_PORT variable is not set. Defaulting to a blank string. The OPENIM_CHAT_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The PROMETHEUS_PORT variable is not set. Defaulting to a blank string. The PROMETHEUS_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The GRAFANA_PORT variable is not set. Defaulting to a blank string. The GRAFANA_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The NODE_EXPORTER_PORT variable is not set. Defaulting to a blank string. The NODE_EXPORTER_NETWORK_ADDRESS variable is not set. Defaulting to a blank string. The DOCKER_BRIDGE_SUBNET variable is not set. Defaulting to a blank string. The Compose file './example/volume-all-server.yml' is invalid because: networks.openim-server.ipam.config.subnet is invalid: should use the CIDR format services.openim-server.ports contains an invalid type, it should be a number, or an object services.openim-server.ports contains an invalid type, it should be a number, or an object services.openim-chat.ports contains an invalid type, it should be a number, or an object services.openim-chat.ports contains an invalid type, it should be a number, or an object services.openim-web.ports contains an invalid type, it should be a number, or an object services.zookeeper.ports contains an invalid type, it should be a number, or an object services.mongodb.ports contains an invalid type, it should be a number, or an object services.grafana.ports contains an invalid type, it should be a number, or an object services.mysql.ports contains an invalid type, it should be a number, or an object services.redis.ports contains an invalid type, it should be a number, or an object services.minio.ports contains an invalid type, it should be a number, or an object services.prometheus.ports contains an invalid type, it should be a number, or an object services.kafka.ports contains an invalid type, it should be a number, or an object services.node-exporter.ports contains an invalid type, it should be a number, or an object ##[error]Process completed with exit code 1. ##[group]Run ./scripts/init-config.sh --force ./scripts/init-config.sh --force docker-compose -f /scripts/init-config.sh --forceexample/host-network-basic-openim-server-dependency.yml up -d docker-compose -f /scripts/init-config.sh --forceexample/host-network-basic-openim-server-dependency.yml ps docker-compose -f /scripts/init-config.sh --forceexample/host-network-basic-openim-server-dependency.yml down shell: /usr/bin/bash -e {0} ##[endgroup] Generating configuration file... Configuration file generated. Define and run multi-container applications with Docker. Usage: docker-compose [-f ...] [--profile ...] [options] [--] [COMMAND] [ARGS...] docker-compose -h|--help Options: -f, --file FILE Specify an alternate compose file (default: docker-compose.yml) -p, --project-name NAME Specify an alternate project name (default: directory name) --profile NAME Specify a profile to enable -c, --context NAME Specify a context name --verbose Show more output --log-level LEVEL Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL) --ansi (never|always|auto) Control when to print ANSI control characters --no-ansi Do not print ANSI control characters (DEPRECATED) -v, --version Print version and exit -H, --host HOST Daemon socket to connect to --tls Use TLS; implied by --tlsverify --tlscacert CA_PATH Trust certs signed only by this CA --tlscert CLIENT_CERT_PATH Path to TLS certificate file --tlskey TLS_KEY_PATH Path to TLS key file --tlsverify Use TLS and verify the remote --skip-hostname-check Don't check the daemon's hostname against the name specified in the client certificate --project-directory PATH Specify an alternate working directory (default: the path of the Compose file) --compatibility If set, Compose will attempt to convert keys in v3 files to their non-Swarm equivalent (DEPRECATED) --env-file PATH Specify an alternate environment file Commands: build Build or rebuild services config Validate and view the Compose file create Create services down Stop and remove resources events Receive real time events from containers exec Execute a command in a running container help Get help on a command images List images kill Kill containers logs View output from containers pause Pause services port Print the public port for a port binding ps List containers pull Pull service images push Push service images restart Restart services rm Remove stopped containers run Run a one-off command scale Set number of containers for a service start Start services stop Stop services top Display the running processes unpause Unpause services up Create and start containers version Show version information and quit ##[error]Process completed with exit code 1. ##[group]Run ./scripts/init-config.sh --force ./scripts/init-config.sh --force docker-compose up -d docker-compose ps docker-compose logs openim-server docker-compose logs openim-chat docker-compose down shell: /usr/bin/bash -e {0} ##[endgroup] Generating configuration file... Configuration file generated. Creating network "openim-docker_openim-server" with driver "bridge" Pulling mysql (mysql:5.7)... 5.7: Pulling from library/mysql Digest: sha256:4bc6bc963e6d8443453676cae56536f4b8156d78bae03c0145cbe47c2aad73bb Status: Downloaded newer image for mysql:5.7 Pulling mongodb (mongo:6.0.2)... 6.0.2: Pulling from library/mongo Digest: sha256:71a63fc2438e45714f6c8a2505968ee0beeb94ec77a88ef12190f7cee9b95f32 Status: Downloaded newer image for mongo:6.0.2 Pulling redis (redis:7.0.0)... 7.0.0: Pulling from library/redis Digest: sha256:1b90dbfe6943c72a7469c134cad3f02eb810f016049a0e19ad78be07040cdb0c Status: Downloaded newer image for redis:7.0.0 Pulling zookeeper (bitnami/zookeeper:3.8)... 3.8: Pulling from bitnami/zookeeper Digest: sha256:9ca1f2942f96aa7efbce3cccb72f47da5616a3d79abc1d47820bf82183539321 Status: Downloaded newer image for bitnami/zookeeper:3.8 Pulling kafka (bitnami/kafka:3.5.1)... 3.5.1: Pulling from bitnami/kafka Digest: sha256:c98ae8022239c956ed81c761262d018ce9a22bb2ef0214e2be670ee6b71741db Status: Downloaded newer image for bitnami/kafka:3.5.1 Pulling minio (minio/minio:latest)... latest: Pulling from minio/minio Digest: sha256:47d5b01cc3020efa39aac112a7cbc919af5fb18f9ebc63bda31683590715c42b Status: Downloaded newer image for minio/minio:latest Pulling openim-server (ghcr.io/openimsdk/openim-server:release-v3.5)... release-v3.5: Pulling from openimsdk/openim-server Digest: sha256:2aef4f140e217845ae00b71661359d9bb3e476ce4571fe6c26b7fa1b371c5594 Status: Downloaded newer image for ghcr.io/openimsdk/openim-server:release-v3.5 Pulling openim-chat (ghcr.io/openimsdk/openim-chat:release-v1.5)... manifest unknown ##[error]Process completed with exit code 1. ##[group]Run ./scripts/init-config.sh --force ./scripts/init-config.sh --force docker-compose -f example/only-openim-server.yml up -d docker-compose -f example/only-openim-server.yml ps docker-compose -f example/only-openim-server.yml down shell: /usr/bin/bash -e {0} ##[endgroup] Generating configuration file... Configuration file generated. Couldn't find env file: /home/runner/work/openim-docker/openim-docker/example/.env ##[error]Process completed with exit code 1. Here are the logs: Generating configuration file... Configuration file generated. Couldn't find env file: /home/runner/work/openim-docker/openim-docker/example/.env ```
pull-request-size[bot] commented 8 months ago

Whoa! Easy there, Partner!

This PR is too big. Please break it up into smaller PRs.