Changes needed due to security reasons.

Bump versions to generate alpha versions and dockerhub images
baobabsoluciones · May 10, 2024 · e2ac882 · e2ac882
1 parent 1578368
commit e2ac882
Show file tree

Hide file tree

Showing 11 changed files with 28 additions and 17 deletions.
diff --git a/.github/workflows/cornflow-client-publish-to-pypi.yml b/.github/workflows/cornflow-client-publish-to-pypi.yml
@@ -38,7 +38,7 @@ jobs:
         password: ${{ secrets.pypi_password }}
         packages_dir: libs/client/dist/
     - name: Get version number
-      uses: jungwinter/split@v2
+      uses: winterjung/split@v2
       id: split
       with:
         msg : ${{ github.ref_name}}

diff --git a/.github/workflows/cornflow-publish-to-pypi.yml b/.github/workflows/cornflow-publish-to-pypi.yml
@@ -38,7 +38,7 @@ jobs:
         password: ${{ secrets.CORNFLOW_PYPI_TOKEN }}
         packages_dir: cornflow-server/dist/
     - name: Get version number
-      uses: jungwinter/split@v2
+      uses: winterjung/split@v2
       id: split
       with:
         msg : ${{ github.ref_name }}

diff --git a/cornflow-server/Dockerfile b/cornflow-server/Dockerfile
@@ -1,4 +1,4 @@
-# VERSION 1.0.10
+# VERSION 1.0.11
 # AUTHOR: [email protected]
 
 FROM python:3.10-slim-buster
@@ -9,7 +9,7 @@ ENV DEBIAN_FRONTEND noninteractive
 ENV TERM linux
 
 # CORNFLOW vars
-ARG CORNFLOW_VERSION=1.0.10
+ARG CORNFLOW_VERSION=1.0.11a1
 
 # install linux pkg
 RUN apt update -y && apt-get install -y --no-install-recommends \

diff --git a/cornflow-server/airflow_config/Dockerfile b/cornflow-server/airflow_config/Dockerfile
@@ -1,7 +1,7 @@
 # AIRFLOW VERSION 2.9.0
 # AUTHOR: [email protected]
 # DESCRIPTION: Airflow 2.9.0 image personalized for use with Cornflow (from baobabsoluciones/pysolver image)
-# baobab code version is 1.0.10
+# baobab code version is 1.0.11
 
 FROM baobabsoluciones/pysolver:1.0
 LABEL maintainer="cornflow@baobabsoluciones"
@@ -11,7 +11,7 @@ ENV DEBIAN_FRONTEND noninteractive
 ENV TERM linux
 
 # Airflow vars
-ARG AIRFLOW_VERSION=2.9.0
+ARG AIRFLOW_VERSION=2.9.1
 ARG AIRFLOW_USER_HOME=/usr/local/airflow
 ARG CONSTRAINT_URL="https://raw.githubusercontent.com/apache/airflow/constraints-${AIRFLOW_VERSION}/constraints-3.10.txt"
 ARG AIRFLOW__CORE__LOAD_EXAMPLES=False
@@ -20,7 +20,7 @@ ENV AIRFLOW_HOME=${AIRFLOW_USER_HOME}
 # install Airflow and extras: celery,postgres and redis
 RUN pip install "apache-airflow[celery,google,postgres,redis,sendgrid]==${AIRFLOW_VERSION}" --constraint "${CONSTRAINT_URL}"
 # We add these overruns due to security reasons as suggested here: https://airflow.apache.org/docs/apache-airflow/stable/installation/installing-from-pypi.html#upgrading-and-installing-dependencies-including-providers
-RUN pip install "apache-airflow[celery,google,postgres,redis,sendgrid]==${AIRFLOW_VERSION}" "cryptography==42.0.5" "gunicorn==22.0.0" "requests==2.31.0" "Werkzeug==2.3.8"
+RUN pip install "apache-airflow[celery,google,postgres,redis,sendgrid]==${AIRFLOW_VERSION}" "cryptography==42.0.5" "gunicorn==22.0.0" "requests==2.31.0" "Werkzeug==3.0.3"
 
 # copy init script and config to container
 COPY scripts ${AIRFLOW_HOME}/scripts

diff --git a/cornflow-server/changelog.rst b/cornflow-server/changelog.rst
@@ -1,3 +1,14 @@
+version 1.0.11
+---------------
+
+- released: 2024-05-10
+- description: release to fix security vulnerabilities
+- changelog:
+    - Upgraded flask-cors version to 4.0.1
+    - Upgraded Werkzeug version to 3.0.3
+    - Upgraded Airflow to version 2.9.1
+    - Fixed Werkzeug version on airflow image to 3.0.3
+
 version 1.0.10
 ---------------
 

diff --git a/cornflow-server/requirements.txt b/cornflow-server/requirements.txt
@@ -8,7 +8,7 @@ Flask==2.3.2
 flask-apispec<=0.11.4
 Flask-Bcrypt<=1.0.1
 Flask-Compress<=1.13
-flask-cors<=3.0.10
+flask-cors<=4.0.1
 flask-inflate<=0.3
 Flask-Migrate<=4.0.4
 Flask-RESTful<=0.3.9
@@ -27,4 +27,4 @@ pytups>=0.86.2
 requests<=2.31.0
 SQLAlchemy==1.3.21
 webargs<=8.2.0
-Werkzeug<=2.3.8
+Werkzeug<=3.0.3
diff --git a/cornflow-server/setup.py b/cornflow-server/setup.py
@@ -9,7 +9,7 @@
 
 setuptools.setup(
     name="cornflow",
-    version="1.0.10",
+    version="1.0.11a1",
     author="baobab soluciones",
     author_email="[email protected]",
     description="Cornflow is an open source multi-solver optimization server with a REST API built using flask.",

diff --git a/docker-compose-cornflow-celery.yml b/docker-compose-cornflow-celery.yml
@@ -30,7 +30,7 @@ x-airflow-common:
   &airflow-common
   # In order to add custom dependencies or upgrade provider packages you can use your extended image.
   # Comment the image line and uncomment the "build" and "context" lines below, Then run `docker-compose build` to build the images.
-    image: baobabsoluciones/airflow:release-v1.0.8
+    image: baobabsoluciones/airflow:release-v1.0.11
     platform: linux/amd64
     #build: 
     #context: ./cornflow-server/airflow_config
@@ -64,7 +64,7 @@ x-cornflow-common:
   &cornflow-common
   # In order to add custom dependencies or upgrade provider packages you can use your extended image.
   # Comment the image line and uncomment the "build" and "context" lines below, Then run `docker-compose build` to build the images.
-    image: baobabsoluciones/cornflow:release-v1.0.8
+    image: baobabsoluciones/cornflow:release-v1.0.11
     platform: linux/amd64
     #build: 
     #context: ./cornflow-server

diff --git a/docker-compose-cornflow-ldap.yml b/docker-compose-cornflow-ldap.yml
@@ -31,7 +31,7 @@ x-airflow-common:
   &airflow-common
   # In order to add custom dependencies or upgrade provider packages you can use your extended image.
   # Comment the image line and uncomment the "build" and "context" lines below, Then run `docker-compose build` to build the images.
-    image: baobabsoluciones/airflow:release-v1.0.8
+    image: baobabsoluciones/airflow:release-v1.0.11
     platform: linux/amd64
     #build: 
     #context: ./cornflow-server/airflow_config

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -30,7 +30,7 @@ x-airflow-common:
   &airflow-common
   # In order to add custom dependencies or upgrade provider packages you can use your extended image.
   # Comment the image line and uncomment the "build" and "context" lines below, Then run `docker-compose build` to build the images.
-    image: baobabsoluciones/airflow:release-v1.0.8
+    image: baobabsoluciones/airflow:release-v1.0.11
     platform: linux/amd64
     #build: 
     #context: ./cornflow-server/airflow_config
@@ -60,7 +60,7 @@ x-cornflow-common:
   &cornflow-common
   # In order to add custom dependencies or upgrade provider packages you can use your extended image.
   # Comment the image line and uncomment the "build" and "context" lines below, Then run `docker-compose build` to build the images.
-    image: baobabsoluciones/cornflow:release-v1.0.8
+    image: baobabsoluciones/cornflow:release-v1.0.11
     platform: linux/amd64
     #build: 
     #context: ./cornflow-server

diff --git a/docs/source/conf.py b/docs/source/conf.py
@@ -66,10 +66,10 @@
 import cornflow_client
 
 
-release = "1.0.10"
+release = "1.0.11"
 # The short X.Y version.
 # version = release[:3]
-version = "1.0.10"
+version = "1.0.11"
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.