Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix/dev tag format #257

Merged
merged 3 commits into from
Jan 22, 2025
Merged

Fix/dev tag format #257

merged 3 commits into from
Jan 22, 2025
+4 −4

Conversation

mateipopa
Copy link
Contributor

No description provided.

@github-actions GitHub Actions
Copy link

🔍 Trivy Dockerfile Scan Results for protocols/ethereum/ethereum-reth/Dockerfile

Click to view findings 

Dockerfile (dockerfile)
=======================
Tests: 21 (SUCCESSES: 18, FAILURES: 3)
Failures: 3 (HIGH: 1, CRITICAL: 2)

AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds002
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ARG
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:12
────────────────────────────────────────
  12 [ ARG CLOUDFLARE_API_KEY
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ENV
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:16
────────────────────────────────────────
  16 [ ENV CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
────────────────────────────────────────

Please review these findings and make necessary fixes to improve the security of your Dockerfile.

@github-actions GitHub Actions
Copy link

🔍 Trivy Dockerfile Scan Results for protocols/ethereum/ethereum-erigon/Dockerfile

Click to view findings 

Dockerfile (dockerfile)
=======================
Tests: 21 (SUCCESSES: 18, FAILURES: 3)
Failures: 3 (HIGH: 1, CRITICAL: 2)

AVD-DS-0002 (HIGH): Specify at least 1 USER command in Dockerfile with non-root user as argument
════════════════════════════════════════
Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.

See https://avd.aquasec.com/misconfig/ds002
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ARG
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:11
────────────────────────────────────────
  11 [ ARG CLOUDFLARE_API_KEY
────────────────────────────────────────


AVD-DS-0031 (CRITICAL): Possible exposure of secret env "CLOUDFLARE_API_KEY" in ENV
════════════════════════════════════════
Passing secrets via `build-args` or envs or copying secret files can leak them out

See https://avd.aquasec.com/misconfig/ds031
────────────────────────────────────────
 Dockerfile:15
────────────────────────────────────────
  15 [ ENV CLOUDFLARE_API_KEY=${CLOUDFLARE_API_KEY}
────────────────────────────────────────

Please review these findings and make necessary fixes to improve the security of your Dockerfile.

@github-actions GitHub Actions
Copy link

The following nodes have been deployed on fra02.dev.blockjoy.com:

  • globally-fit-doe, running variant erigon-mainnet-full
  • adversely-trusted-seasnail, running variant erigon-sepolia-full
  • implicitly-creative-raccoon, running variant erigon-mainnet-archive
  • wildly-talented-boa, running variant erigon-sepolia-archive

These nodes will be cleaned up on PR merge or close and replaced on PR update.

@github-actions GitHub Actions
Copy link

The following nodes have been deployed on fra02.dev.blockjoy.com:

  • mentally-real-pangolin, running variant reth-mainnet-full
  • eminently-neutral-mouse, running variant reth-sepolia-full
  • newly-fit-kangaroo, running variant reth-mainnet-archive
  • abnormally-lasting-chicken, running variant reth-sepolia-archive

These nodes will be cleaned up on PR merge or close and replaced on PR update.

@mateipopa mateipopa merged commit 99a6e4e into main Jan 22, 2025
15 checks passed
@github-actions GitHub Actions
Copy link

Ethereum: erigon-mainnet-full version 0.0.3 and build number 1 has been pushed to the Dev API.

@github-actions GitHub Actions
Copy link

Ethereum: reth-mainnet-full version 0.0.10 and build number 1 has been pushed to the Dev API.

@github-actions GitHub Actions
Copy link

All nodes have been cleaned up after merge

@github-actions GitHub Actions
Copy link

Ethereum: reth-mainnet-full version 0.0.10 and build number 1 has been pushed to the Staging API.

@github-actions GitHub Actions
Copy link

Ethereum: erigon-mainnet-full version 0.0.3 and build number 1 has been pushed to the Staging API.

@mateipopa mateipopa deleted the fix/dev-tag-format branch January 22, 2025 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mateipopa