From 80ec0524d1d91cb9b7e91956964b57f9533d0dff Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Sat, 6 May 2023 23:39:10 +0200
Subject: [PATCH] Fixed analyse service vulnerabilities

---
 dbrepo-analyse-service/Dockerfile              | 18 ++++++++++--------
 dbrepo-analyse-service/requirements.docker.txt |  8 ++++++++
 dbrepo-analyse-service/requirements.txt        |  3 +--
 3 files changed, 19 insertions(+), 10 deletions(-)
 create mode 100644 dbrepo-analyse-service/requirements.docker.txt

diff --git a/dbrepo-analyse-service/Dockerfile b/dbrepo-analyse-service/Dockerfile
index 8c4afe9c11..8f78283686 100644
--- a/dbrepo-analyse-service/Dockerfile
+++ b/dbrepo-analyse-service/Dockerfile
@@ -1,5 +1,13 @@
-FROM python:3.9-slim
-MAINTAINER Cornelia Michlits <cornelia.michlits@tuwien.ac.at>
+FROM python:3.9-alpine
+MAINTAINER Martin Weise <martin.weise@tuwien.ac.at>
+
+RUN apk update && apk --no-cache add build-base gcc python3-dev libpq-dev libffi-dev py3-pandas \
+    py3-sqlalchemy py3-requests py3-gevent py3-psycopg2
+
+COPY ./requirements.docker.txt ./requirements.txt
+RUN pip install -r ./requirements.txt
+
+WORKDIR /app
 
 ENV FLASK_APP=app.py
 ENV FLASK_RUN_HOST=0.0.0.0
@@ -8,12 +16,6 @@ ENV FLASK_ENV=production
 ENV HOSTNAME=analyse-service
 ENV EUREKA_SERVER=http://discovery-service:9090/eureka/
 
-WORKDIR /app
-
-COPY requirements.txt requirements.txt
-
-RUN pip install -r requirements.txt > /dev/null
-
 HEALTHCHECK --interval=10s --timeout=5s --retries=12 CMD ./service_ready
 
 COPY ./as-yml/ ./as-yml/
diff --git a/dbrepo-analyse-service/requirements.docker.txt b/dbrepo-analyse-service/requirements.docker.txt
new file mode 100644
index 0000000000..bf69c5bd68
--- /dev/null
+++ b/dbrepo-analyse-service/requirements.docker.txt
@@ -0,0 +1,8 @@
+messytables==0.15.2
+flask==2.3.2
+flasgger==0.9.5
+py-eureka-client==0.9.1
+docker==5.0.0
+prometheus_flask_exporter==0.21.0
+pytest==7.2.1
+coverage==7.1.0
\ No newline at end of file
diff --git a/dbrepo-analyse-service/requirements.txt b/dbrepo-analyse-service/requirements.txt
index fb00deb887..61e4283c6d 100644
--- a/dbrepo-analyse-service/requirements.txt
+++ b/dbrepo-analyse-service/requirements.txt
@@ -1,6 +1,6 @@
 messytables==0.15.2
 pandas==1.2.3
-flask==2.1.2
+flask==2.3.2
 flasgger==0.9.5
 psycopg2-binary==2.8.6
 py-eureka-client==0.9.1
@@ -8,7 +8,6 @@ docker==5.0.0
 sqlalchemy==1.4.15
 requests==2.26.0
 gevent==21.8.0
-markupsafe==2.0.1
 prometheus_flask_exporter==0.21.0
 pytest==7.2.1
 coverage==7.1.0
\ No newline at end of file
-- 
GitLab