Story #11854: Small OPS Cleanup.

[GiooDev]

Description

• Remove unexisting inventory group.
• Add gather_facts as we need to define the ansible_distribution.
• Update useless double if in mongo scripts.

Type de changement

• Ansiblerie

Contributeur

• VAS (Vitam Accessible en Service)

[vitam-devops]

Checkmarx One – Scan Summary & Details – 220f7852-9085-495d-b7b7-51c74efe5063

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2019-15599	Npm-tree-kill-1.2.1	Vulnerable Package
	CVE-2020-28469	Npm-glob-parent-3.1.0	Vulnerable Package
	CVE-2020-28502	Npm-xmlhttprequest-ssl-1.5.5	Vulnerable Package
	CVE-2020-36048	Npm-engine.io-3.2.1	Vulnerable Package
	CVE-2020-36049	Npm-socket.io-parser-3.2.0	Vulnerable Package
	CVE-2020-7660	Npm-serialize-javascript-1.9.1	Vulnerable Package
	CVE-2020-7788	Npm-ini-1.3.5	Vulnerable Package
	CVE-2021-23382	Npm-postcss-7.0.14	Vulnerable Package
	CVE-2021-23424	Npm-ansi-html-0.0.7	Vulnerable Package
	CVE-2021-31597	Npm-xmlhttprequest-ssl-1.5.5	Vulnerable Package
	CVE-2022-2421	Npm-socket.io-parser-3.2.0	Vulnerable Package
	CVE-2022-24771	Npm-node-forge-0.10.0	Vulnerable Package
	CVE-2022-24772	Npm-node-forge-0.10.0	Vulnerable Package
	CVE-2022-25858	Npm-terser-3.17.0	Vulnerable Package
	CVE-2022-25881	Npm-http-cache-semantics-3.8.1	Vulnerable Package
	CVE-2022-25883	Npm-semver-6.3.0	Vulnerable Package
	CVE-2022-25883	Npm-semver-6.0.0	Vulnerable Package
	CVE-2022-37599	Npm-loader-utils-1.2.3	Vulnerable Package
	CVE-2022-37601	Npm-loader-utils-1.2.3	Vulnerable Package
	CVE-2022-37603	Npm-loader-utils-1.2.3	Vulnerable Package
	CVE-2023-32695	Npm-socket.io-parser-3.2.0	Vulnerable Package
	CVE-2023-45133	Npm-babel-traverse-6.26.0	Vulnerable Package
	CVE-2024-29180	Npm-webpack-dev-middleware-3.6.2	Vulnerable Package
	CVE-2024-38355	Npm-socket.io-2.1.1	Vulnerable Package
	CVE-2024-4068	Npm-braces-2.3.2	Vulnerable Package
	Cx347a3da7-ba99	Npm-node-forge-0.10.0	Vulnerable Package
	TestSebas	/Dockerfile: 10	Test Sebas
	TestSebas	/Dockerfile: 11	Test Sebas
	TestSebas	/Dockerfile: 10	Test Sebas
	CVE-2019-16769	Npm-serialize-javascript-1.9.1	Vulnerable Package
	CVE-2020-15366	Npm-ajv-6.10.0	Vulnerable Package
	CVE-2020-15366	Npm-ajv-5.5.2	Vulnerable Package
	CVE-2020-28481	Npm-socket.io-2.1.1	Vulnerable Package
	CVE-2020-7608	Npm-yargs-parser-11.1.1	Vulnerable Package
	CVE-2020-7693	Npm-sockjs-0.3.19	Vulnerable Package
	CVE-2021-23364	Npm-browserslist-4.5.5	Vulnerable Package
	CVE-2021-23368	Npm-postcss-7.0.14	Vulnerable Package
	CVE-2021-23495	Npm-karma-4.1.0	Vulnerable Package
	CVE-2021-4231	Npm-@angular/core-8.2.14	Vulnerable Package
	CVE-2022-0122	Npm-node-forge-0.10.0	Vulnerable Package
	CVE-2022-0437	Npm-karma-4.1.0	Vulnerable Package
	CVE-2022-21704	Npm-log4js-4.5.1	Vulnerable Package
	CVE-2022-24773	Npm-node-forge-0.10.0	Vulnerable Package
	CVE-2022-41940	Npm-engine.io-3.2.1	Vulnerable Package
	CVE-2023-44270	Npm-postcss-7.0.14	Vulnerable Package
	CVE-2024-28863	Npm-tar-4.4.19	Vulnerable Package
	CVE-2024-29415	Npm-ip-2.0.0	Vulnerable Package
	CVE-2024-29415	Npm-ip-1.1.5	Vulnerable Package
	CVE-2020-15262	Npm-webpack-subresource-integrity-1.1.0-rc.6	Vulnerable Package
	Logging of Sensitive Data	/ansible.cfg: 2	To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True
	Logging of Sensitive Data	/ansible.cfg: 2	To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True
	Logging of Sensitive Data	/ansible.cfg: 1	To keep sensitive values out of logs, tasks that expose them need to be marked defining 'no_log' and setting to True

[bbenaissa]

par contre, ça marche pas en cas de montée de version

[GiooDev]

par contre, ça marche pas en cas de montée de version

de quoi ?

[bbenaissa]

la montée de version de vitamui, puisque les scripts ne seront pas re-executés

[ebernard]

Si tu parles des scripts mongo, ils font exactement la même chose donc ce n'est pas grave s'ils ne sont pas rejoués.