kubeflow
/
pipelines
mirror of https://github.com/kubeflow/pipelines.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: Update proxy agent image to fix CVE-2022-1292 (#8019) 

* Update proxy agent base image

* fix python command in register script

* make code python3 compatible
This commit is contained in:
Chen Sun 2022-07-13 02:38:02 -07:00 committed by GitHub
parent c7bf68edde
commit 572484951f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
proxy/Dockerfile
View File

@ -13,12 +13,12 @@
# limitations under the License.
# Pin to a specific version of invert proxy agent
FROM gcr.io/inverting-proxy/agent@sha256:762c500f748e00753e6b1af0a273e0097130344a793258108b3886789e2fe744
FROM gcr.io/inverting-proxy/agent@sha256:c875588c1be53b1bc0c7183653347acf7887ab32a299a2e9b292bd6188a4e26b
# We need --allow-releaseinfo-change, because of https://github.com/kubeflow/pipelines/issues/6311#issuecomment-899224137.
RUN apt update --allow-releaseinfo-change && apt-get install -y curl jq python-pip
RUN apt update --allow-releaseinfo-change && apt-get install -y curl jq python3-pip
COPY requirements.txt .
RUN python2 -m pip install -r \
RUN python3 -m pip install -r \
requirements.txt --quiet --no-cache-dir \
&& rm -f requirements.txt

2
proxy/attempt-register-vm-on-proxy.sh
View File

@ -61,7 +61,7 @@ INSTANCE_ZONE="${INSTANCE_ZONE##/*/}"
if [[ -z "${PROXY_URL}" ]]; then
# Get latest Proxy server URL
wget https://storage.googleapis.com/ml-pipeline/proxy-agent-config.json
PROXY_URL=$(python ${DIR}/get_proxy_url.py --config-file-path "proxy-agent-config.json" --location "${INSTANCE_ZONE}" --version "latest")
PROXY_URL=$(python3 ${DIR}/get_proxy_url.py --config-file-path "proxy-agent-config.json" --location "${INSTANCE_ZONE}" --version "latest")
fi
if [[ -z "${PROXY_URL}" ]]; then
echo "Proxy URL for the zone ${INSTANCE_ZONE} no found, exiting."

8
proxy/get_proxy_url.py
View File

@ -14,7 +14,6 @@
# limitations under the License.
"""CLI tool that returns URL of the proxy for particular zone and version."""
import argparse
import functools
import json
import logging
import re
@ -73,11 +72,10 @@ def urls_for_zone(zone, location_to_urls_map):
def main():
unicode_type = functools.partial(unicode, encoding="utf8")
parser = argparse.ArgumentParser(description="Get proxy URL")
parser.add_argument("--config-file-path", required=True, type=unicode_type)
parser.add_argument("--location", required=True, type=unicode_type)
parser.add_argument("--version", required=True, type=unicode_type)
parser.add_argument("--config-file-path", required=True, type=str)
parser.add_argument("--location", required=True, type=str)
parser.add_argument("--version", required=True, type=str)
args = parser.parse_args()
with open(args.config_file_path, "r") as config_file: