OC-867: Secure docker-compose file #650

finlay-jisc · 2024-04-30T12:16:59Z

The purpose of this PR was to make changes to the docker-compose file to stop our use of outdated docker images that have security vulnerabilities.

This is mostly using later image versions but two changes were a bit different:

Mailhog was swapped out for a similar application called Mailpit which was pretty much like for like. Mailpit is actively updated while mailhog hadn't been updated for some time.
Adminer was removed because its latest docker image had vulnerabilities and a similar utility can be got from running npx prisma studio in the /api directory.

Update vulnerable / outdated software / docker images in use on the docker containers.

E2E

vercel · 2024-04-30T12:17:05Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
octopus	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	May 2, 2024 8:59am

api/docker-compose.yml

update docker images and replace mailhog with mailpit

732ebb0

finlay-jisc requested a review from a team as a code owner April 30, 2024 12:17

update verification tests to match mailpit API response

2fed9dc

vercel bot deployed to Preview May 1, 2024 14:12 View deployment

adwearing-jisc reviewed May 2, 2024

View reviewed changes

api/docker-compose.yml Outdated Show resolved Hide resolved

use alpine postgres image

ae5eb4f

vercel bot deployed to Preview May 2, 2024 08:59 View deployment

adwearing-jisc approved these changes May 2, 2024

View reviewed changes

finlay-jisc merged commit f201838 into main May 2, 2024
11 checks passed

Provide feedback