build(connector-besu): fix CVE-2022-21190 CVE-2023-36665 CVE-2022-2421

Primary Changes ---------------- 1. Updated the version of the base image that is used in the Dockerfile 2. Updated the Dockerfile to use the yarn version 4 3. Updated the README to the new command to run the container Fixes #2745 Signed-off-by: aldousalvarez <aldousss.alvarez@gmail.com>
hyperledger-cacti · Jun 19, 2024 · 79f30fd · 79f30fd
1 parent 03816d4
commit 79f30fd
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 4 deletions.
diff --git a/packages/cactus-plugin-ledger-connector-besu/Dockerfile b/packages/cactus-plugin-ledger-connector-besu/Dockerfile
@@ -1,7 +1,9 @@
-FROM ghcr.io/hyperledger/cactus-cmd-api-server:2022-08-05-7309f2a
-RUN npm install -g yarn@1.22.17
+FROM ghcr.io/hyperledger/cactus-cmd-api-server:2024-03-18-8ddc02d
+RUN npm install -g yarn \
+    && yarn set version 4.1.0 \
+    && yarn config set nodeLinker node-modules
 
 ENV NODE_ENV=production
 ARG NPM_PKG_VERSION=latest
 
-RUN yarn add @hyperledger/cactus-plugin-ledger-connector-besu@${NPM_PKG_VERSION} --production --ignore-engines
+RUN yarn add @hyperledger/cactus-plugin-ledger-connector-besu@${NPM_PKG_VERSION} --exact
diff --git a/packages/cactus-plugin-ledger-connector-besu/README.md b/packages/cactus-plugin-ledger-connector-besu/README.md
@@ -149,7 +149,12 @@ docker run \
   --rm \
   --publish 3000:3000 \
   --publish 4000:4000 \
-  --env PLUGINS='[{"packageName": "@hyperledger/cactus-plugin-ledger-connector-besu", "type": "org.hyperledger.cactus.plugin_import_type.LOCAL", "action": "org.hyperledger.cactus.plugin_import_action.INSTALL",  "options": {"rpcApiHttpHost": "http://localhost:8545", "rpcApiWsHost":"ws://localhost:8546", "instanceId": "some-unique-besu-connector-instance-id"}}]' \
+  --env AUTHORIZATION_PROTOCOL='NONE' \
+  --env AUTHORIZATION_CONFIG_JSON='{}' \
+  --env GRPC_TLS_ENABLED=false \
+  cplcb \
+  node_modules/@hyperledger/cactus-cmd-api-server/dist/lib/main/typescript/cmd/cactus-api.js \
+  --plugins='[{"packageName": "@hyperledger/cactus-plugin-ledger-connector-besu", "type": "org.hyperledger.cactus.plugin_import_type.LOCAL", "action": "org.hyperledger.cactus.plugin_import_action.INSTALL",  "options": {"rpcApiHttpHost": "http://localhost:8545", "rpcApiWsHost":"ws://localhost:8546", "instanceId": "some-unique-besu-connector-instance-id"}}]' \
   cplcb
 ```