Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

airbyte weak credentials #88

Open
wants to merge 3 commits into
base: main
Choose a base branch
from

Conversation

secureness
Copy link
Contributor

@secureness secureness commented Sep 13, 2024

@RaulDoyensec
Copy link

RaulDoyensec commented Oct 15, 2024

Hi @secureness,

Thank you for your contribution:

  • I noticed that port 2375 is being exposed, which is the host’s Docker socket. This can potentially compromise the host.
  • Additionally, there are many variables referenced in the docker-compose.yaml file that are not set, which makes the configuration non-functional.
  • For the safe configuration, it would be helpful if you could also provide a working docker-compose file that avoids the need to install additional software manually.

Regards.

@RaulDoyensec
Copy link

Hi @secureness

I just wanted to follow up on the changes I suggested for your PR. Let me know if you have any questions or need further clarification.

Regards

@secureness
Copy link
Contributor Author

@RaulDoyensec Hi, sorry I forgot about this PR, thanks for reminding me :))
I'm going to solve the issue today.

@secureness
Copy link
Contributor Author

@RaulDoyensec Sadly the docker-compose setup is deprecated and it doesn't work anymore, I tried to patch the docker-compose configuration but it wasn't possible.
for now, I choose the easiest setup which we only need to download an executable in the current directory and also install the docker and minikube. this can be a most clean setup so far.

@RaulDoyensec
Copy link

RaulDoyensec commented Dec 4, 2024

Hi @secureness,

Apologies for the delayed response. In this scenario, creating a new Docker Compose file might not be the best option. However, you can automate the process by creating a Bash script. Below is a script that sets up an insecure insecure Airbyte instance:

#!/bin/bash

set -e

echo "Updating package index..."
sudo apt update

echo "Installing Docker..."
sudo apt install -y docker.io

echo "Adding current user to the 'docker' group..."
sudo usermod -aG docker "$USER"

echo "Installing Minikube..."
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube
rm minikube-linux-amd64

echo "Starting Minikube..."
minikube start

echo "Adding alias for kubectl..."
echo 'alias kubectl="minikube kubectl --"' >> ~/.bashrc
source ~/.bashrc

echo "Downloading abctl..."
curl -LO https://github.com/airbytehq/abctl/releases/download/v0.16.0/abctl-v0.16.0-linux-amd64.tar.gz
tar -xvzf abctl-v0.16.0-linux-amd64.tar.gz
sudo mv abctl-v0.16.0-linux-amd64/abctl /usr/local/bin/
rm -rf abctl-v0.16.0-linux-amd64 abctl-v0.16.0-linux-amd64.tar.gz
sudo chmod +x /usr/local/bin/abctl

echo "Uninstalling any previous Airbyte installation..."
abctl local uninstall

echo "Installing Airbyte..."
abctl local install

echo "Setting up credentials for an insecure instance..."
abctl local credentials --email user@company.example
abctl local credentials --password new_password

echo "Installation completed! Access Airbyte at http://localhost:8000"

@secureness
Copy link
Contributor Author

@RaulDoyensec Thank you!
I've added some more lines to the bash, especially for handling possible errors and adding docker requirements before installing it on ubuntu.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants