From bee504ced3a7785d657afcbdfbfad75c6abbe696 Mon Sep 17 00:00:00 2001 From: Timo Tietavainen Date: Thu, 25 Feb 2021 14:29:04 +0200 Subject: [PATCH] Update openssl package of DBAAS docker image Update openssl package to version openssl-1.1.1j-r0, because current version has an SSL related security vulnerability. DBAAS doesn't use SSL so we shouldn't face the issue but anyhow better to fix it. More information about the issue can be found from here: libcrypto1.1 (fixed in: 1.1.1i-r0)(CVE-2020-1971) libssl1.1 (fixed in: 1.1.1i-r0)(CVE-2020-1971) http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971) Fixed also DBAAS testing application compile issue due to redis-client dependency issue with the latest version of the go.opentelemetry.io/otel package. Issue-ID: RIC-755 Signed-off-by: Timo Tietavainen Change-Id: Icc1206c6c435a88217aea407b574fc5865e59ae8 --- container-tag.yaml | 2 +- docker/Dockerfile.redis | 1 + docker/Dockerfile.testapp | 11 ++++++----- docs/release-notes.rst | 5 +++++ testapplication/go/go.mod | 7 +++++++ testapplication/go/sdl/sdl.go | 27 ++++++++++++++++++++------- testapplication/go/testapp.go | 7 ++++++- 7 files changed, 46 insertions(+), 14 deletions(-) create mode 100644 testapplication/go/go.mod diff --git a/container-tag.yaml b/container-tag.yaml index 680b74d..e5de87a 100644 --- a/container-tag.yaml +++ b/container-tag.yaml @@ -2,4 +2,4 @@ # This file is expected to be in the docker build directory; # can be moved with suitable JJB configuration. --- -tag: '0.5.0' +tag: '0.5.1' diff --git a/docker/Dockerfile.redis b/docker/Dockerfile.redis index 7650919..1e2ffa8 100644 --- a/docker/Dockerfile.redis +++ b/docker/Dockerfile.redis @@ -73,6 +73,7 @@ RUN ./autogen.sh && \ FROM redis:5.0.9-alpine3.11 as build +RUN apk add --upgrade openssl RUN apk add curl COPY --from=build-env /usr/local/libexec/redismodule/libredismodule.so /usr/local/libexec/redismodule/libredismodule.so WORKDIR /data diff --git a/docker/Dockerfile.testapp b/docker/Dockerfile.testapp index 74f9bb4..b15c772 100644 --- a/docker/Dockerfile.testapp +++ b/docker/Dockerfile.testapp @@ -25,8 +25,8 @@ RUN apt-get update && \ apt install -y redis-tools && \ apt install -y git && \ apt install -y wget && \ - wget https://dl.google.com/go/go1.15.6.linux-amd64.tar.gz && \ - tar -xvf go1.15.6.linux-amd64.tar.gz && \ + wget https://golang.org/dl/go1.12.17.linux-amd64.tar.gz && \ + tar -xvf go1.12.17.linux-amd64.tar.gz && \ mv go /usr/local && \ apt-get clean @@ -35,10 +35,11 @@ COPY ./testapplication ./testapplication # Install go testapplication RUN export GOROOT=/usr/local/go && \ - export GOPATH=$HOME/Projects/Proj1 && \ - export PATH=$GOPATH/bin:$GOROOT/bin:$PATH && \ + export PATH=$GOROOT/bin:$PATH && \ + export GO111MODULE=on && \ go get github.com/go-redis/redis && \ - go build /testapplication/go/testapp.go + cd /testapplication/go/ && \ + go build ./... # Keep the container alive ENTRYPOINT ["tail", "-f", "/dev/null"] diff --git a/docs/release-notes.rst b/docs/release-notes.rst index a54c4f5..00cb3e2 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -30,6 +30,11 @@ This document provides the release notes of the dbaas. Version history --------------- +[0.5.1] - 2021-02-25 + +* Upgrade SSL version to 1.1.1j-r0 to fix possible SSL security vulnerability. +* Fix DBAAS testing application compile issue. + [0.5.0] - 2020-12-11 * Upgrade DBAAS container's base Redis image to redis:5.0.9-alpine3.11. diff --git a/testapplication/go/go.mod b/testapplication/go/go.mod new file mode 100644 index 0000000..b4dd1a5 --- /dev/null +++ b/testapplication/go/go.mod @@ -0,0 +1,7 @@ +module testapp + +go 1.12 + +require github.com/go-redis/redis v6.15.9+incompatible + +replace go.opentelemetry.io/otel => go.opentelemetry.io/otel v0.16.0 diff --git a/testapplication/go/sdl/sdl.go b/testapplication/go/sdl/sdl.go index 5887b92..315afa8 100644 --- a/testapplication/go/sdl/sdl.go +++ b/testapplication/go/sdl/sdl.go @@ -61,11 +61,11 @@ func Create(nameSpace string) *SdlInstance { func (s *SdlInstance) CheckRedisModuleExtensionCommands() { var moduleError bool - commands, err := s.client.Command(s.client.Context()).Result() + commands, err := s.client.Command().Result() if err == nil { redisModuleCommands := []string{ - "setie", "delie", "setiepub", "setnxpub", - "msetmpub", "delmpub", + "setie", "delie", "setiepub", "deliepub", + "setnxpub", "msetmpub", "delmpub", } for _, v := range redisModuleCommands { _, ok := commands[v] @@ -117,9 +117,22 @@ func (s *SdlInstance) setNamespaceToKeys(pairs ...interface{}) []interface{} { return retVal } +func checkResultAndError(result interface{}, err error) (bool, error) { + if err != nil { + if err == redis.Nil { + return false, nil + } + return false, err + } + if result == "OK" { + return true, nil + } + return false, nil +} + func (s *SdlInstance) Set(pairs ...interface{}) error { keyAndData := s.setNamespaceToKeys(pairs...) - err := s.client.MSet(s.client.Context(), keyAndData...).Err() + err := s.client.MSet(keyAndData...).Err() return err } @@ -128,7 +141,7 @@ func (s *SdlInstance) Get(keys []string) (map[string]interface{}, error) { for _, v := range keys { keysWithNs = append(keysWithNs, s.nsPrefix+v) } - val, err := s.client.MGet(s.client.Context(), keysWithNs...).Result() + val, err := s.client.MGet(keysWithNs...).Result() m := make(map[string]interface{}) if err != nil { return m, err @@ -139,8 +152,8 @@ func (s *SdlInstance) Get(keys []string) (map[string]interface{}, error) { return m, err } -func (s *SdlInstance) SetIf(key string, oldData, newData interface{}) { - panic("SetIf not implemented\n") +func (s *SdlInstance) SetIf(key string, oldData, newData interface{}) (bool, error) { + return checkResultAndError(s.client.Do("SETIE", key, newData, oldData).Result()) } func (s *SdlInstance) SetIfiNotExists(key string, data interface{}) { diff --git a/testapplication/go/testapp.go b/testapplication/go/testapp.go index ae05850..32127a1 100644 --- a/testapplication/go/testapp.go +++ b/testapplication/go/testapp.go @@ -21,8 +21,8 @@ package main import ( - "./sdl" "fmt" + "testapp/sdl" ) func main() { @@ -73,6 +73,11 @@ func main() { fmt.Printf("unable to write to DB\n") } + _, err = sdl1.SetIf("key1", "data1", "data2") + if err != nil { + fmt.Printf("unable to write to DB\n") + } + retDataMap, err := sdl1.Get([]string{"key1", "key3", "key2"}) if err != nil { fmt.Printf("Unable to read from DB\n") -- 2.16.6