From ae34bbdbdb01326fe716c390aa00c65d4aeb38bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sergio=20Casta=C3=B1o=20Arteaga?= Date: Tue, 25 Jun 2024 11:33:12 +0200 Subject: [PATCH] Upgrade backend deps and base images (#632) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sergio CastaƱo Arteaga --- Cargo.lock | 149 ++++++++++++++++++++++++------- Cargo.toml | 20 ++--- clotributor-apiserver/Dockerfile | 6 +- clotributor-registrar/Dockerfile | 4 +- clotributor-tracker/Dockerfile | 4 +- database/migrations/Dockerfile | 4 +- 6 files changed, 137 insertions(+), 50 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 73d707d..cdcbfd2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -87,9 +87,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.83" +version = "1.0.86" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25bdb32cbbdce2b519a9cd7df3a678443100e265d5e25ca763b7572a5104f5f3" +checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da" [[package]] name = "ascii" @@ -301,9 +301,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "4.5.4" +version = "4.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bc066a67923782aa8515dbaea16946c5bcc5addbd668bb80af688e53e548a0" +checksum = "5db83dced34638ad474f39f250d7fea9598bdd239eaced1bdf45d597da0f433f" dependencies = [ "clap_builder", "clap_derive", @@ -311,9 +311,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.2" +version = "4.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae129e2e766ae0ec03484e609954119f123cc1fe650337e155d03b022f24f7b4" +checksum = "f7e204572485eb3fbf28f871612191521df159bc3e15a9f5064c66dba3a8c05f" dependencies = [ "anstream", "anstyle", @@ -323,9 +323,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.4" +version = "4.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "528131438037fd55894f62d6e9f068b8f45ac57ffa77517819645d10aed04f64" +checksum = "c780290ccf4fb26629baa7a1081e68ced113f1d3ec302fa5948f1c381ebf06c6" dependencies = [ "heck 0.5.0", "proc-macro2", @@ -382,7 +382,7 @@ dependencies = [ "mockito", "openssl", "postgres-openssl", - "reqwest 0.12.4", + "reqwest 0.12.5", "serde", "serde_json", "serde_yaml", @@ -413,7 +413,7 @@ dependencies = [ "postgres-openssl", "postgres-types", "regex", - "reqwest 0.12.4", + "reqwest 0.12.5", "serde", "serde_json", "sha2", @@ -523,10 +523,11 @@ dependencies = [ [[package]] name = "deadpool-postgres" -version = "0.13.2" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19be9da496d60d03ec3ab45d960d80a3afb285b787394b83614a79942f467e7f" +checksum = "1ab8a4ea925ce79678034870834602a2980f4b88c09e97feb266496dbb4493d2" dependencies = [ + "async-trait", "deadpool", "getrandom", "serde", @@ -1047,6 +1048,23 @@ dependencies = [ "want", ] +[[package]] +name = "hyper-rustls" +version = "0.27.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ee4be2c948921a1a5320b629c4193916ed787a7f7f293fd3f7f5a6c9de74155" +dependencies = [ + "futures-util", + "http 1.1.0", + "hyper 1.3.1", + "hyper-util", + "rustls", + "rustls-pki-types", + "tokio", + "tokio-rustls", + "tower-service", +] + [[package]] name = "hyper-tls" version = "0.5.0" @@ -1159,9 +1177,9 @@ dependencies = [ [[package]] name = "lazy_static" -version = "1.4.0" +version = "1.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" +checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libc" @@ -1746,9 +1764,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.10.4" +version = "1.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c117dbdfde9c8308975b6a18d71f3f385c89461f7b3fb054288ecf2a2058ba4c" +checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" dependencies = [ "aho-corasick", "memchr", @@ -1830,9 +1848,9 @@ dependencies = [ [[package]] name = "reqwest" -version = "0.12.4" +version = "0.12.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "566cafdd92868e0939d3fb961bd0dc25fcfaaed179291093b3d43e6b3150ea10" +checksum = "c7d6d2a27d57148378eb5e111173f4276ad26340ecc5c49a4a2152167a2d6a37" dependencies = [ "base64 0.22.1", "bytes", @@ -1844,6 +1862,7 @@ dependencies = [ "http-body 1.0.0", "http-body-util", "hyper 1.3.1", + "hyper-rustls", "hyper-tls 0.6.0", "hyper-util", "ipnet", @@ -1858,7 +1877,7 @@ dependencies = [ "serde", "serde_json", "serde_urlencoded", - "sync_wrapper 0.1.2", + "sync_wrapper 1.0.1", "system-configuration", "tokio", "tokio-native-tls", @@ -1870,6 +1889,21 @@ dependencies = [ "winreg 0.52.0", ] +[[package]] +name = "ring" +version = "0.17.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" +dependencies = [ + "cc", + "cfg-if", + "getrandom", + "libc", + "spin", + "untrusted", + "windows-sys 0.52.0", +] + [[package]] name = "ron" version = "0.7.1" @@ -1910,6 +1944,19 @@ dependencies = [ "windows-sys 0.52.0", ] +[[package]] +name = "rustls" +version = "0.23.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "05cff451f60db80f490f3c182b77c35260baace73209e9cdbbe526bfe3a4d402" +dependencies = [ + "once_cell", + "rustls-pki-types", + "rustls-webpki", + "subtle", + "zeroize", +] + [[package]] name = "rustls-pemfile" version = "1.0.4" @@ -1935,6 +1982,17 @@ version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "976295e77ce332211c0d24d92c0e83e50f5c5f046d11082cea19f3df13a3562d" +[[package]] +name = "rustls-webpki" +version = "0.102.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ff448f7e92e913c4b7d4c6d8e4540a1724b319b4152b8aef6d4cf8339712b33e" +dependencies = [ + "ring", + "rustls-pki-types", + "untrusted", +] + [[package]] name = "rustversion" version = "1.0.14" @@ -1987,18 +2045,18 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.202" +version = "1.0.203" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "226b61a0d411b2ba5ff6d7f73a476ac4f8bb900373459cd00fab8512828ba395" +checksum = "7253ab4de971e72fb7be983802300c30b5a7f0c2e56fab8abfc6a214307c0094" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.202" +version = "1.0.203" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6048858004bcff69094cd972ed40a32500f153bd3be9f716b2eed2e8217c4838" +checksum = "500cbc0ebeb6f46627f50f3f5811ccf6bf00643be300b4c3eabc0ef55dc5b5ba" dependencies = [ "proc-macro2", "quote", @@ -2007,9 +2065,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.117" +version = "1.0.118" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "455182ea6142b14f93f4bc5320a2b31c1f266b66a4a5c858b013302a5d8cbfc3" +checksum = "d947f6b3163d8857ea16c4fa0dd4840d52f3041039a85decd46867eb1abef2e4" dependencies = [ "itoa", "ryu", @@ -2139,6 +2197,12 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "spin" +version = "0.9.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" + [[package]] name = "stringprep" version = "0.1.3" @@ -2311,9 +2375,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.37.0" +version = "1.38.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1adbebffeca75fcfd058afa480fb6c0b81e165a0323f9c9d39c9697e37c46787" +checksum = "ba4f4a02a7a80d6f274636f0aa95c7e383b912d41fe721a31f29e29698585a4a" dependencies = [ "backtrace", "bytes", @@ -2330,9 +2394,9 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "2.2.0" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b8a1e28f2deaa14e508979454cb3a223b10b938b45af148bc0986de36f1923b" +checksum = "5f5ae998a069d4b5aba8ee9dad856af7d520c3699e6159b185c2acd48155d39a" dependencies = [ "proc-macro2", "quote", @@ -2387,6 +2451,17 @@ dependencies = [ "whoami", ] +[[package]] +name = "tokio-rustls" +version = "0.26.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c7bc40d0e5a97695bb96e27995cd3a08538541b0a846f65bba7a359f36700d4" +dependencies = [ + "rustls", + "rustls-pki-types", + "tokio", +] + [[package]] name = "tokio-util" version = "0.7.10" @@ -2601,6 +2676,12 @@ version = "0.2.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861" +[[package]] +name = "untrusted" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1" + [[package]] name = "url" version = "2.5.0" @@ -2620,9 +2701,9 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "uuid" -version = "1.8.0" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a183cf7feeba97b4dd1c0d46788634f6221d87fa961b305bed08c851829efcc0" +checksum = "5de17fd2f7da591098415cff336e12965a28061ddace43b59cb3c430179c9439" dependencies = [ "serde", ] @@ -2934,3 +3015,9 @@ checksum = "56c1936c4cc7a1c9ab21a1ebb602eb942ba868cbd44a99cb7cdc5892335e1c85" dependencies = [ "linked-hash-map", ] + +[[package]] +name = "zeroize" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde" diff --git a/Cargo.toml b/Cargo.toml index 7ab983c..753bbd9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -13,30 +13,30 @@ edition = "2021" rust-version = "1.65" [workspace.dependencies] -anyhow = "1.0.83" +anyhow = "1.0.86" async-trait = "0.1.80" axum = { version = "0.7.5", features = ["macros"] } bincode = "1.3.3" -clap = { version = "4.5.4", features = ["derive"] } +clap = { version = "4.5.7", features = ["derive"] } config = "0.13.4" deadpool = "0.12.1" -deadpool-postgres = { version = "0.13.2", features = ["serde"] } +deadpool-postgres = { version = "0.14.0", features = ["serde"] } futures = "0.3.30" graphql_client = { version = "0.14.0", features = ["reqwest"] } hex = "0.4.3" http = "1.1.0" hyper = "1.3.1" -lazy_static = "1.4.0" +lazy_static = "1.5.0" mime = "0.3.17" mockall = "0.12.1" mockito = "1.4.0" openssl = { version = "0.10.64", features = ["vendored"] } postgres-openssl = "0.5.0" postgres-types = { version = "0.2.6", features = ["derive"] } -regex = "1.10.4" -reqwest = { version = "0.12.4", features = ["json"] } -serde = { version = "1.0.202", features = ["derive"] } -serde_json = "1.0.117" +regex = "1.10.5" +reqwest = { version = "0.12.5", features = ["json"] } +serde = { version = "1.0.203", features = ["derive"] } +serde_json = "1.0.118" serde_qs = "0.13.0" serde_yaml = "0.9.34" sha2 = "0.10.8" @@ -46,7 +46,7 @@ time = { version = "0.3.36", features = [ "parsing", "serde", ] } -tokio = { version = "1.37.0", features = [ +tokio = { version = "1.38.0", features = [ "macros", "process", "rt-multi-thread", @@ -62,4 +62,4 @@ tower = "0.4.13" tower-http = { version = "0.5.2", features = ["fs", "set-header", "trace"] } tracing = "0.1.40" tracing-subscriber = { version = "0.3.18", features = ["env-filter", "json"] } -uuid = { version = "1.8.0", features = ["serde"] } +uuid = { version = "1.9.1", features = ["serde"] } diff --git a/clotributor-apiserver/Dockerfile b/clotributor-apiserver/Dockerfile index 681d9d0..5b913a1 100644 --- a/clotributor-apiserver/Dockerfile +++ b/clotributor-apiserver/Dockerfile @@ -1,5 +1,5 @@ # Build apiserver -FROM rust:1-alpine3.19 as builder +FROM rust:1-alpine3.20 as builder RUN apk --no-cache add musl-dev perl make WORKDIR /clotributor COPY Cargo.* ./ @@ -10,7 +10,7 @@ WORKDIR /clotributor/clotributor-apiserver RUN cargo build --release # Build frontend -FROM node:18-alpine3.19 AS frontend-builder +FROM node:18-alpine3.20 AS frontend-builder RUN apk --no-cache add git WORKDIR /web COPY web . @@ -20,7 +20,7 @@ RUN yarn install --network-concurrency 1 RUN yarn build # Final stage -FROM alpine:3.19.1 +FROM alpine:3.20.1 RUN apk --no-cache add ca-certificates && addgroup -S clotributor && adduser -S clotributor -G clotributor USER clotributor WORKDIR /home/clotributor diff --git a/clotributor-registrar/Dockerfile b/clotributor-registrar/Dockerfile index 54debc7..354cb47 100644 --- a/clotributor-registrar/Dockerfile +++ b/clotributor-registrar/Dockerfile @@ -1,5 +1,5 @@ # Build registrar -FROM rust:1-alpine3.19 as builder +FROM rust:1-alpine3.20 as builder RUN apk --no-cache add musl-dev perl make WORKDIR /clotributor COPY Cargo.* ./ @@ -10,7 +10,7 @@ WORKDIR /clotributor/clotributor-registrar RUN cargo build --release # Final stage -FROM alpine:3.19.1 +FROM alpine:3.20.1 RUN apk --no-cache add ca-certificates && addgroup -S clotributor && adduser -S clotributor -G clotributor USER clotributor WORKDIR /home/clotributor diff --git a/clotributor-tracker/Dockerfile b/clotributor-tracker/Dockerfile index 30c6b5e..3dc0ae5 100644 --- a/clotributor-tracker/Dockerfile +++ b/clotributor-tracker/Dockerfile @@ -1,5 +1,5 @@ # Build tracker -FROM rust:1-alpine3.19 as builder +FROM rust:1-alpine3.20 as builder RUN apk --no-cache add musl-dev perl make WORKDIR /clotributor COPY Cargo.* ./ @@ -10,7 +10,7 @@ WORKDIR /clotributor/clotributor-tracker RUN cargo build --release # Final stage -FROM alpine:3.19.1 +FROM alpine:3.20.1 RUN apk --no-cache add ca-certificates && addgroup -S clotributor && adduser -S clotributor -G clotributor USER clotributor WORKDIR /home/clotributor diff --git a/database/migrations/Dockerfile b/database/migrations/Dockerfile index 0102709..4ea0518 100644 --- a/database/migrations/Dockerfile +++ b/database/migrations/Dockerfile @@ -1,10 +1,10 @@ # Build tern -FROM golang:1.22.3-alpine3.19 AS tern +FROM golang:1.22.4-alpine3.19 AS tern RUN apk --no-cache add git RUN go install github.com/jackc/tern@latest # Build final image -FROM alpine:3.19.1 +FROM alpine:3.20.1 RUN addgroup -S clotributor && adduser -S clotributor -G clotributor USER clotributor WORKDIR /home/clotributor