From d3cafbaa433a5f806cef34a7a0a6b8a8983766e7 Mon Sep 17 00:00:00 2001 From: Ritika Patil <94649368+riragh@users.noreply.github.com> Date: Fri, 16 Jun 2023 09:11:34 -0500 Subject: [PATCH 1/2] feat: (IAC-1035) Remediate high security vulnerabilities (#322) --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 43eb48cc..082ed9fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,7 +11,8 @@ COPY --from=terraform /bin/terraform /bin/terraform COPY . . RUN apk update \ - && apk --no-cache add git openssh \ + && apk upgrade \ + && apk add --no-cache git openssh \ && curl -sLO https://storage.googleapis.com/kubernetes-release/release/v$KUBECTL_VERSION/bin/linux/amd64/kubectl \ && chmod 755 ./kubectl /viya4-iac-azure/docker-entrypoint.sh \ && mv ./kubectl /usr/local/bin/kubectl \ From 1ff0ca12be3f36f5103e67c2630d193836dbfc1a Mon Sep 17 00:00:00 2001 From: Ritika Patil <94649368+riragh@users.noreply.github.com> Date: Tue, 20 Jun 2023 08:46:13 -0500 Subject: [PATCH 2/2] docs: (IAC-1081) Update CDS Postgres URLs in CONFIG VARS documentation (#324) --- docs/CONFIG-VARS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CONFIG-VARS.md b/docs/CONFIG-VARS.md index c6c0f2a6..6fd458d8 100644 --- a/docs/CONFIG-VARS.md +++ b/docs/CONFIG-VARS.md @@ -360,7 +360,7 @@ Each server element, like `foo = {}`, can contain none, some, or all of the para | connectivity_method | Network connectivity option to connect to your flexible server. There are two connectivity options available: Public access (allowed IP addresses) and Private access (VNet Integration). Defaults to public access with firewall rules enabled.| string | "public" | Valid options are `public` and `private`. See details [here](https://learn.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-networking) | | postgresql_configurations | Sets a PostgreSQL Configuration value on a Azure PostgreSQL Flexible Server | list(object) | [] | More details can be found [here](https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/howto-configure-server-parameters-using-cli) | -Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://go.documentation.sas.com/doc/en/itopscdc/default/dplyml0phy0dkr/n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://go.documentation.sas.com/doc/en/itopscdc/default/itopssr/p06lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below. +Multiple SAS offerings require a second PostgreSQL instance referred to as SAS Common Data Store, or CDS PostgreSQL. For more information, see [Common Customizations](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=dplyml0phy0dkr&docsetTarget=n08u2yg8tdkb4jn18u8zsi6yfv3d.htm#p0wkxxi9s38zbzn19ukjjaxsc0kl). A list of SAS offerings that require CDS PostgreSQL is provided in [SAS Common Data Store Requirements](https://documentation.sas.com/?cdcId=itopscdc&cdcVersion=default&docsetId=itopssr&docsetTarget=p05lfgkwib3zxbn1t6nyihexp12n.htm#n03wzanutmc6gon1val5fykas9aa). To create and configure an external CDS PostgreSQL instance in addition to the external platform PostgreSQL instance named `default`, specify `cds-postgres` as a second PostgreSQL instance, as shown in the example below. Here is an example of the `postgres_servers` variable with the `default` server entry overriding only the `administrator_password` and `postgresql_configurations` parameters, and the `cds-postgres` entry overriding the `sku_name`, `storage_mb`, `backup_retention_days`, `administrator_login` and `administrator_password` parameters: