From a3f9b143fcd5efd90b698be3e5687e2583979303 Mon Sep 17 00:00:00 2001 From: zondervancalvez Date: Fri, 17 Jun 2022 14:45:37 +0800 Subject: [PATCH] fix(security): vulnerabilities found in fabric2-all-in-one Fixes #2057 Signed-off-by: zondervancalvez --- .../run-transaction-endpoint-v1.test.ts | 8 +++--- .../run-transaction-with-identities.test.ts | 2 +- .../docker/fabric-all-in-one/Dockerfile_v2.x | 26 +++++++++++++++---- 3 files changed, 26 insertions(+), 10 deletions(-) diff --git a/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts b/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts index 533f140dfb7..f29a890baa5 100644 --- a/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts +++ b/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-endpoint-v1.test.ts @@ -228,8 +228,8 @@ describe(testCase, () => { const assets = JSON.parse(res.data.functionOutput); const asset277 = assets.find((c: { ID: string }) => c.ID === assetId); expect(asset277).toBeTruthy(); - expect(asset277.owner).toBeTruthy(); - expect(asset277.owner).toEqual(assetOwner); + expect(asset277.Owner).toBeTruthy(); + expect(asset277.Owner).toEqual(assetOwner); } { @@ -302,8 +302,8 @@ describe(testCase, () => { const assets = JSON.parse(res.data.functionOutput); const asset277 = assets.find((c: { ID: string }) => c.ID === assetId); expect(asset277).toBeTruthy(); - expect(asset277.owner).toBeTruthy(); - expect(asset277.owner).toEqual(assetOwner); + expect(asset277.Owner).toBeTruthy(); + expect(asset277.Owner).toEqual(assetOwner); } }); }); diff --git a/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts b/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts index c24e20a302c..f8e54d66928 100644 --- a/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts +++ b/packages/cactus-plugin-ledger-connector-fabric/src/test/typescript/integration/fabric-v2-2-x/run-transaction-with-identities.test.ts @@ -366,7 +366,7 @@ test("run-transaction-with-identities", async (t: Test) => { }); t.true(resp.success); const asset = JSON.parse(resp.functionOutput); - t.equal(asset.owner, "client2"); + t.equal(asset.Owner, "client2"); } t.end(); }); diff --git a/tools/docker/fabric-all-in-one/Dockerfile_v2.x b/tools/docker/fabric-all-in-one/Dockerfile_v2.x index 0a89a96af09..4bcc71ca371 100644 --- a/tools/docker/fabric-all-in-one/Dockerfile_v2.x +++ b/tools/docker/fabric-all-in-one/Dockerfile_v2.x @@ -2,18 +2,34 @@ # https://github.com/docker-library/docker/issues/170 FROM docker:24.0.5-dind -ARG FABRIC_VERSION=2.2.13 -ARG FABRIC_NODEENV_VERSION=2.4.2 -ARG CA_VERSION=1.4.9 +ARG FABRIC_VERSION=2.4.4 +ARG CA_VERSION=1.5.3 ARG COUCH_VERSION_FABRIC=0.4 -ARG COUCH_VERSION=3.1.1 +ARG COUCH_VERSION=3.2.2 +ARG FABRIC_NODEENV_VERSION=2.4.2 WORKDIR / RUN apk update && apk --no-cache upgrade openssh-client # Install dependencies of Docker Compose -RUN apk add docker-cli docker-cli-compose +RUN apk add py-pip python3-dev libffi-dev openssl-dev gcc libc-dev make + +# Install python/pip - We need this because DinD 18.x has Python 2 +# And we cannot upgrade to DinD 19 because of +# https://github.com/docker-library/docker/issues/170 +ENV PYTHONUNBUFFERED=1 +RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python +RUN python3 -m ensurepip +RUN pip install --no-cache --upgrade --index-url=https://pypi.python.org/simple/ "pip>=21" setuptools + +# Without this the docker-compose installation crashes, complaining about +# a lack of rust compiler... +# RUN pip install setuptools_rust +ENV CRYPTOGRAPHY_DONT_BUILD_RUST=1 + +# Install Docker Compose which is a dependency of Fabric Samples +RUN pip install docker-compose # Need git to clone the sources of the Fabric Samples repository from GitHub RUN apk add --no-cache git