From 7451dc0a82e677c5e25a9c4cc190832dc756bf95 Mon Sep 17 00:00:00 2001 From: Rainmaker Date: Mon, 30 Dec 2019 00:56:24 -0500 Subject: [PATCH] - Fix security vulnerbility for rack, nokogiri, excon, puma - lock all dependency gem versions to make it safe to `bundle update` at anytime - update Readme links to ssl version of the documentation --- .travis.yml | 2 + Changelog.rdoc | 7 + Gemfile | 12 +- Gemfile.lock | 135 ++++++++---------- README.md | 38 ++--- VERSION | 2 +- docker-compose.dev.yml | 12 +- docker-compose.yml | 12 +- kubernetes-manifests/base/database-setup.yaml | 2 +- .../base/events-deployment.yaml | 2 +- .../base/notifications-deployment.yaml | 2 +- .../base/recurring-jobs-deployment.yaml | 2 +- kubernetes-manifests/base/web-deployment.yaml | 2 +- .../base/workers-deployment.yaml | 2 +- 14 files changed, 115 insertions(+), 117 deletions(-) diff --git a/.travis.yml b/.travis.yml index 1966dea2..7857e9c5 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,4 +21,6 @@ addons: packages: - libzmq3-dev +before_install: bundle update --bundler + script: bundle exec rake webapp_tests core_tests diff --git a/Changelog.rdoc b/Changelog.rdoc index 67919f73..fbd51996 100644 --- a/Changelog.rdoc +++ b/Changelog.rdoc @@ -1,3 +1,10 @@ +==Ragios v0.7.2.2 +12-30-2019 +- Fix security vulnerbility for rack, nokogiri, excon, puma +- lock all dependency gem versions to make it safe to `bundle update` at anytime +- update Readme links to ssl version of the documentation + + ==Ragios v0.7.2.1 07-08-2019 - Fix bug with that raises a port already bound error for workers port 5043 during started, this bug was introduced during the translation of existing docker-compose files to kubernetes for the last release. (showstopper release for v0.7.2 users) diff --git a/Gemfile b/Gemfile index eff77ef3..6b03f310 100644 --- a/Gemfile +++ b/Gemfile 
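Review bot: The added `before_install: bundle update --bundler` in .travis.yml makes the CI job modify Gemfile.lock before the tests run, so the build no longer exercises the lockfile as committed. The lockfile in this same patch still records `BUNDLED WITH 1.15.4`, and depending on the Bundler version this step may do more than rewrite that entry. For a commit whose purpose is to pin dependencies, it would be more reproducible to install the recorded Bundler explicitly, e.g. `before_install: gem install bundler -v 1.15.4`. The alternative is to commit a lockfile regenerated with the newer Bundler and drop the step. Whichever is kept, a one-line comment above it such as `# Travis ships a newer Bundler than the lockfile records` would explain why it is there, if that is indeed the reason.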
@@ -1,20 +1,20 @@ source 'http://rubygems.org' gem 'rufus-scheduler', '~> 3.4.2', :require => 'rufus/scheduler' -gem 'state_machine' +gem 'state_machine', '~> 1.2.0' gem 'leanback', '~> 0.5.14' -gem 'contracts' +gem 'contracts', '0.4' gem 'celluloid-zmq', '~> 0.17.2' +gem "nokogiri", '~> 1.10.4' gem 'daemons', :group => [:services] gem 'rake', :group => [:development, :test] gem 'ffi', '~> 1.9.24' -gem "rack", ">= 2.0.6", :group => [:development, :web] +gem 'rack', '~> 2.0.6', :group => [:development, :web] group :development do gem 'pry' gem 'foreman' - gem 'ragios-client', '~> 0.2.4' end group :notifiers do @@ -22,7 +22,7 @@ group :notifiers do end group :plugins do - gem 'excon' + gem 'excon', '~> 0.71.0' end group :test do @@ -31,7 +31,7 @@ group :test do end group :web, :development do - gem 'puma', '~> 3.10.0' + gem 'puma', '~> 3.12.2' gem 'sinatra', '~> 2.0.2', :require => 'sinatra/base' gem 'rack-protection', '~> 2.0.0' end diff --git a/Gemfile.lock b/Gemfile.lock index 94bf2448..3b6360bc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -6,8 +6,8 @@ GEM mail (> 2.2.5) mime-types xml-simple - builder (3.2.3) - celluloid (0.17.3) + builder (3.2.4) + celluloid (0.17.4) celluloid-essentials celluloid-extras celluloid-fsm 
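Review bot: The context line `source 'http://rubygems.org'` at the top of the first Gemfile hunk is left on plain HTTP, so every gem this commit pins is still fetched without transport integrity protection. It should become `source 'https://rubygems.org'`, and the `remote:` entry in Gemfile.lock should be regenerated to match if it also uses http (that line is not visible in this patch). Separately, the commit message says all dependency versions are locked, but `daemons`, `rake`, `pry` and `foreman` in this hunk still have no version constraint. The lockfile changes in this patch show the effect: rake moves from 12.0.0 to 13.0.1, a major-version jump that a later `bundle update` could repeat.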
@@ -29,105 +29,94 @@ GEM ffi ffi-rzmq timers (>= 4.1.1) - coderay (1.0.9) + coderay (1.1.2) + concurrent-ruby (1.1.5) contracts (0.4) - daemons (1.1.0) + daemons (1.3.1) diff-lcs (1.3) - domain_name (0.5.20180417) + domain_name (0.5.20190701) unf (>= 0.0.5, < 1.0.0) - et-orbi (1.0.8) + et-orbi (1.2.2) tzinfo - excon (0.45.4) + excon (0.71.1) ffi (1.9.25) ffi (1.9.25-java) - ffi-rzmq (2.0.5) - ffi-rzmq-core (>= 1.0.6) - ffi-rzmq-core (1.0.6) + ffi-rzmq (2.0.7) + ffi-rzmq-core (>= 1.0.7) + ffi-rzmq-core (1.0.7) ffi - foreman (0.84.0) - thor (~> 0.19.1) - hitimes (1.2.4) - hitimes (1.2.4-java) + foreman (0.86.0) + http-accept (1.7.0) http-cookie (1.0.3) domain_name (~> 0.5) leanback (0.5.14) multi_json (~> 1.11) rest-client (~> 2.0) - mail (2.6.6) - mime-types (>= 1.16, < 4) - method_source (0.8.1) - mime-types (3.2.2) + mail (2.7.1) + mini_mime (>= 0.1.1) + method_source (0.9.2) + mime-types (3.3.1) mime-types-data (~> 3.2015) - mime-types-data (3.2018.0812) + mime-types-data (3.2019.1009) + mini_mime (1.0.2) mini_portile2 (2.4.0) - multi_json (1.13.1) + multi_json (1.14.1) mustermann (1.0.3) netrc (0.11.0) - nokogiri (1.9.1) + nokogiri (1.10.7) mini_portile2 (~> 2.4.0) - nokogiri (1.9.1-java) - pry (0.9.12.2) - coderay (~> 1.0.5) - method_source (~> 0.8) - slop (~> 3.4) - pry (0.9.12.2-java) - coderay (~> 1.0.5) - method_source (~> 0.8) - slop (~> 3.4) + nokogiri (1.10.7-java) + pry (0.12.2) + coderay (~> 1.1.0) + method_source (~> 0.9.0) + pry (0.12.2-java) + coderay (~> 1.1.0) + method_source (~> 0.9.0) spoon (~> 0.0) - puma (3.10.0) - puma (3.10.0-java) - rack (2.0.6) - rack-protection (2.0.4) + puma (3.12.2) + puma (3.12.2-java) + rack (2.0.8) + rack-protection (2.0.7) rack - rack-test (0.6.2) - rack (>= 1.0) - ragios-client (0.2.4) - multi_json - nokogiri (>= 1.8.2) - rack (>= 2.0.6) - rest-client - rake (12.0.0) - rest-client (2.0.2) + rack-test (1.1.0) + rack (>= 1.0, < 3) + rake (13.0.1) + rest-client (2.1.0) + http-accept (>= 1.7.0, < 2.0) http-cookie (>= 
1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rspec (3.6.0) - rspec-core (~> 3.6.0) - rspec-expectations (~> 3.6.0) - rspec-mocks (~> 3.6.0) - rspec-core (3.6.0) - rspec-support (~> 3.6.0) - rspec-expectations (3.6.0) + rspec (3.9.0) + rspec-core (~> 3.9.0) + rspec-expectations (~> 3.9.0) + rspec-mocks (~> 3.9.0) + rspec-core (3.9.1) + rspec-support (~> 3.9.1) + rspec-expectations (3.9.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) - rspec-mocks (3.6.0) + rspec-support (~> 3.9.0) + rspec-mocks (3.9.0) diff-lcs (>= 1.2.0, < 2.0) - rspec-support (~> 3.6.0) - rspec-support (3.6.0) + rspec-support (~> 3.9.0) + rspec-support (3.9.1) rufus-scheduler (3.4.2) et-orbi (~> 1.0) - sinatra (2.0.4) + sinatra (2.0.7) mustermann (~> 1.0) rack (~> 2.0) - rack-protection (= 2.0.4) + rack-protection (= 2.0.7) tilt (~> 2.0) - slop (3.4.3) - spoon (0.0.4) + spoon (0.0.6) ffi state_machine (1.2.0) - thor (0.19.4) - thread_safe (0.3.6) - thread_safe (0.3.6-java) - tilt (2.0.8) - timers (4.1.2) - hitimes - tzinfo (1.2.4) - thread_safe (~> 0.1) + tilt (2.0.10) + timers (4.3.0) + tzinfo (2.0.1) + concurrent-ruby (~> 1.0) unf (0.1.4) unf_ext unf (0.1.4-java) - unf_ext (0.0.7.5) + unf_ext (0.0.7.6) xml-simple (1.1.5) PLATFORMS @@ -137,23 +126,23 @@ PLATFORMS DEPENDENCIES aws-ses celluloid-zmq (~> 0.17.2) - contracts + contracts (= 0.4) daemons - excon + excon (~> 0.71.0) ffi (~> 1.9.24) foreman leanback (~> 0.5.14) + nokogiri (~> 1.10.4) pry - puma (~> 3.10.0) - rack (>= 2.0.6) + puma (~> 3.12.2) + rack (~> 2.0.6) rack-protection (~> 2.0.0) rack-test - ragios-client (~> 0.2.4) rake rspec rufus-scheduler (~> 3.4.2) sinatra (~> 2.0.2) - state_machine + state_machine (~> 1.2.0) BUNDLED WITH 1.15.4 diff --git a/README.md b/README.md index 81c4693c..aa5dd8d6 100644 --- a/README.md +++ b/README.md 
@@ -8,7 +8,7 @@ Sample usage to monitor a website for uptime in Ruby code: ```ruby monitor = { monitor: "My Website", - url: "http://mysite.com", + url: "https://mysite.com", every: "5m", contact: "admin@mail.com", via: "email_notifier", @@ -17,11 +17,11 @@ monitor = { ragios.create(monitor) ``` -The above example creates a monitor that monitor uses an `uptime_monitor` plugin to monitor the website `http://mysite.com` for uptime. This monitor runs tests on the website every 5 minutes, if it detects the website is down, it sends an alert email to `admin@mail.com` via an email notifier. +The above example creates a monitor that monitor uses an `uptime_monitor` plugin to monitor the website `https://mysite.com` for uptime. This monitor runs tests on the website every 5 minutes, if it detects the website is down, it sends an alert email to `admin@mail.com` via an email notifier. ## Features: A small and minimal extensible design: -* Users can add, update, start, stop, restart and delete monitors that can monitor anything in simple Ruby code. [See details](http://www.whisperservers.com/ragios/ragios-saint-ruby/using-ragios/) +* Users can add, update, start, stop, restart and delete monitors that can monitor anything in simple Ruby code. [See details](https://www.whisperservers.com/ragios/ragios-saint-ruby/using-ragios/) * Includes a REST API, a web admin dashboard (Web UI) and a Ruby client rubygem that makes it easy to interact with Ragios directly with ruby code. 
@@ -49,41 +49,41 @@ I'm doing this just for fun and educational purposes. ## Documentation: -* [Ragios (Saint Ruby)](http://www.whisperservers.com/ragios/ragios-saint-ruby/) +* [Ragios (Saint Ruby)](http//www.whisperservers.com/ragios/ragios-saint-ruby/) - + [Installation](http://www.whisperservers.com/ragios/ragios-saint-ruby/installation/) + + [Installation](https://www.whisperservers.com/ragios/ragios-saint-ruby/installation/) - + [Start/Stop the server](http://www.whisperservers.com/ragios/running-ragios/) + + [Start/Stop the server](https://www.whisperservers.com/ragios/running-ragios/) - + [Using Ragios](http://www.whisperservers.com/ragios/ragios-saint-ruby/using-ragios/) + + [Using Ragios](https://www.whisperservers.com/ragios/ragios-saint-ruby/using-ragios/) - + [Notifications](http://www.whisperservers.com/ragios/ragios-saint-ruby/notifications/) + + [Notifications](https://www.whisperservers.com/ragios/ragios-saint-ruby/notifications/) - + [Events](http://www.whisperservers.com/ragios/events/) + + [Events](https://www.whisperservers.com/ragios/events/) - + [Services](http://www.whisperservers.com/ragios/services/) + + [Services](https://www.whisperservers.com/ragios/services/) + [Web Admin Dashboard](https://github.com/obi-a/ragios/wiki/Web-Admin-Dashboard) - + [Development Mode](http://www.whisperservers.com/ragios/development-mode/) + + [Development Mode](https://www.whisperservers.com/ragios/development-mode/) - + [Creating Notifiers](http://www.whisperservers.com/ragios/notifiers/) + + [Creating Notifiers](https://www.whisperservers.com/ragios/notifiers/) - + [Creating Plugins](http://www.whisperservers.com/ragios/plugins/) + + [Creating Plugins](https://www.whisperservers.com/ragios/plugins/) - + [Authentication](http://www.whisperservers.com/ragios/authentication/) + + [Authentication](https://www.whisperservers.com/ragios/authentication/) - + [REST API](http://www.whisperservers.com/ragios/ragios-rest-api/) + + [REST 
API](https://www.whisperservers.com/ragios/ragios-rest-api/) - * [API Authentication](http://www.whisperservers.com/ragios/api-authentication/) + * [API Authentication](https://www.whisperservers.com/ragios/api-authentication/) - * [Monitors API](http://www.whisperservers.com/ragios/monitors-api/) + * [Monitors API](https://www.whisperservers.com/ragios/monitors-api/) - * [Events API](http://www.whisperservers.com/ragios/events-api/) + * [Events API](https://www.whisperservers.com/ragios/events-api/) + [Run Ragios on a Kubernetes Cluster](https://github.com/obi-a/ragios/wiki/Run-Ragios-on-a-Kubernetes-Cluster) ## License: MIT License. -Copyright (c) 2019 Obi Akubue, obi-akubue.org +Copyright (c) 2020 Obi Akubue, obi-akubue.org diff --git a/VERSION b/VERSION index c943bc4d..7e8eaac4 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.7.2.1 +0.7.2.2 diff --git a/docker-compose.dev.yml b/docker-compose.dev.yml index 78df2053..bc7fdd0b 100644 --- a/docker-compose.dev.yml +++ b/docker-compose.dev.yml @@ -17,8 +17,8 @@ services: RAGIOS_RECURRING_JOBS_RECEIVER_ADDRESS: recurring_jobs RAGIOS_EVENTS_RECEIVER_ADDRESS: events RAGIOS_WEB_SERVER_ADDRESS: 'tcp://0.0.0.0:5041' - RAGIOS_WEB_SERVER_ENV: production - RAGIOS_ENV: production + RAGIOS_WEB_SERVER_ENV: development + RAGIOS_ENV: development RAGIOS_LOG_LEVEL: debug SES_AWS_ACCESS_KEY_ID: SES_AWS_SECRET_ACCESS_KEY: @@ -49,7 +49,7 @@ services: RAGIOS_RECURRING_JOBS_RECEIVER_ADDRESS: '0.0.0.0' RAGIOS_EVENTS_RECEIVER_ADDRESS: events RAGIOS_WORKERS_PUSHER_ADDRESS: '0.0.0.0' - RAGIOS_ENV: production + RAGIOS_ENV: development RAGIOS_LOG_LEVEL: debug SES_AWS_ACCESS_KEY_ID: SES_AWS_SECRET_ACCESS_KEY: @@ -78,7 +78,7 @@ services: RAGIOS_EVENTS_RECEIVER_ADDRESS: events RAGIOS_WORKERS_PUSHER_ADDRESS: recurring_jobs RAGIOS_NOTIFICATIONS_RECEIVER_ADDRESS: notifications - RAGIOS_ENV: production + RAGIOS_ENV: development RAGIOS_LOG_LEVEL: debug SES_AWS_ACCESS_KEY_ID: SES_AWS_SECRET_ACCESS_KEY: 
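Review bot: The first docker-compose.dev.yml hunk switches `RAGIOS_WEB_SERVER_ENV` and `RAGIOS_ENV` to `development` while the context still binds the web server to `tcp://0.0.0.0:5041` with `RAGIOS_LOG_LEVEL: debug`. If `RAGIOS_WEB_SERVER_ENV` feeds the Sinatra/Rack environment (the Gemfile suggests it does, but that code is not shown), development mode serves detailed exception pages to anyone who can reach the port. A comment above the block, e.g. `# development settings: keep port 5041 reachable from localhost only`, would make that explicit; the port mapping itself is outside the hunk. The same `RAGIOS_ENV: development` switch is repeated in the hunks at -49, -78, -98 and -118 of this file. None of these changes are mentioned in the commit message or the Changelog entry, so they deserve a line there.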
@@ -98,7 +98,7 @@ services: - couchdb:couchdb environment: RAGIOS_EVENTS_RECEIVER_ADDRESS: '0.0.0.0' - RAGIOS_ENV: production + RAGIOS_ENV: development RAGIOS_LOG_LEVEL: debug COUCHDB_ADMIN_USERNAME: COUCHDB_ADMIN_PASSWORD: @@ -118,7 +118,7 @@ services: environment: RAGIOS_NOTIFICATIONS_RECEIVER_ADDRESS: '0.0.0.0' RAGIOS_EVENTS_RECEIVER_ADDRESS: events - RAGIOS_ENV: production + RAGIOS_ENV: development RAGIOS_LOG_LEVEL: debug SES_AWS_ACCESS_KEY_ID: SES_AWS_SECRET_ACCESS_KEY: diff --git a/docker-compose.yml b/docker-compose.yml index 0d3d96f4..f40a558c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,7 +8,7 @@ services: - 5984:5984 database_setup: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" links: - couchdb:couchdb environment: @@ -19,7 +19,7 @@ services: entrypoint: bundle exec ruby bin/database_setup.rb web: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" depends_on: - database_setup links: @@ -52,7 +52,7 @@ services: entrypoint: bundle exec pumactl -F server.rb start recurring_jobs: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" depends_on: - database_setup links: @@ -78,7 +78,7 @@ services: entrypoint: bundle exec ruby bin/recurring_jobs_ctl.rb run workers: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" depends_on: - database_setup links: @@ -104,7 +104,7 @@ services: entrypoint: bundle exec ruby bin/workers_ctl.rb run events: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" depends_on: - database_setup links: @@ -122,7 +122,7 @@ services: entrypoint: bundle exec ruby bin/events_ctl.rb run notifications: - image: "obiora/ragios:v0.7.1.2" + image: "obiora/ragios:v0.7.2.2" depends_on: - database_setup links: diff --git a/kubernetes-manifests/base/database-setup.yaml b/kubernetes-manifests/base/database-setup.yaml index 54916121..0a9efda8 100644 --- a/kubernetes-manifests/base/database-setup.yaml +++ b/kubernetes-manifests/base/database-setup.yaml 
@@ -18,7 +18,7 @@ spec: - exec - ruby - bin/database_setup.rb - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: database-setup env: - name: COUCHDB_ADMIN_USERNAME diff --git a/kubernetes-manifests/base/events-deployment.yaml b/kubernetes-manifests/base/events-deployment.yaml index f2c3008a..8fdc0da5 100644 --- a/kubernetes-manifests/base/events-deployment.yaml +++ b/kubernetes-manifests/base/events-deployment.yaml @@ -42,7 +42,7 @@ spec: secretKeyRef: name: couchdb-secret key: password - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: events ports: - containerPort: 5045 diff --git a/kubernetes-manifests/base/notifications-deployment.yaml b/kubernetes-manifests/base/notifications-deployment.yaml index 5dbbfcd1..f6ab9c1b 100644 --- a/kubernetes-manifests/base/notifications-deployment.yaml +++ b/kubernetes-manifests/base/notifications-deployment.yaml @@ -44,7 +44,7 @@ spec: secretKeyRef: name: couchdb-secret key: password - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: notifications ports: - containerPort: 5044 diff --git a/kubernetes-manifests/base/recurring-jobs-deployment.yaml b/kubernetes-manifests/base/recurring-jobs-deployment.yaml index 722eb265..74a26229 100644 --- a/kubernetes-manifests/base/recurring-jobs-deployment.yaml +++ b/kubernetes-manifests/base/recurring-jobs-deployment.yaml @@ -46,7 +46,7 @@ spec: secretKeyRef: name: couchdb-secret key: password - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: recurring-jobs ports: - containerPort: 5042 diff --git a/kubernetes-manifests/base/web-deployment.yaml b/kubernetes-manifests/base/web-deployment.yaml index 969f4dea..23dab5ec 100644 --- a/kubernetes-manifests/base/web-deployment.yaml +++ b/kubernetes-manifests/base/web-deployment.yaml @@ -66,7 +66,7 @@ spec: secretKeyRef: name: couchdb-secret key: password - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: web ports: - containerPort: 5041 
diff --git a/kubernetes-manifests/base/workers-deployment.yaml b/kubernetes-manifests/base/workers-deployment.yaml index 49008ddd..0bc9c433 100644 --- a/kubernetes-manifests/base/workers-deployment.yaml +++ b/kubernetes-manifests/base/workers-deployment.yaml @@ -48,7 +48,7 @@ spec: secretKeyRef: name: couchdb-secret key: password - image: obiora/ragios:v0.7.1.2 + image: obiora/ragios:v0.7.2.2 name: workers ports: - containerPort: 5043