Merge pull request #283 from jonrau1/tab_fix

CFN Fix, Docker update
jonrau1 · Jun 24, 2024 · 266d3db · 266d3db
2 parents 72dbd4e + 1e23cb8
commit 266d3db
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 18 deletions.
diff --git a/.github/workflows/push-ocr-public.yml b/.github/workflows/push-ocr-public.yml
@@ -25,15 +25,15 @@ jobs:
 
       # Get OCR Repo Information
       - name: Get OCR Repository
-        uses: oracle-actions/get-ocir-repository@v1.2.1
+        uses: oracle-actions/get-ocir-repository@v1.3.0
         id: get-ocir-repository
         with:
           name: electriceye
           compartment: ${{ secrets.OCI_COMPARTMENT_OCID }}
 
       # Log into OCR with AuthKey
       - name: OCR Login
-        uses: oracle-actions/login-ocir@v1.2.1
+        uses: oracle-actions/login-ocir@v1.3.0
         id: login-ocir
         with:
           auth_token: ${{ secrets.OCR_AUTHKEY }}

diff --git a/Dockerfile b/Dockerfile
@@ -18,10 +18,10 @@
 #specific language governing permissions and limitations
 #under the License.
 
-# latest hash as of 25 JAN 2024 - Alpine 3.19.1
-# https://hub.docker.com/layers/library/alpine/3.19.1/images/sha256-6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0?context=explore&tab=vulnerabilities
+# latest hash as of 21 JUNE 2024 - Alpine 3.20.1
+# https://hub.docker.com/layers/library/alpine/3.20.1/images/sha256-dabf91b69c191a1a0a1628fd6bdd029c0c4018041c7f052870bb13c5a222ae76?context=explore
 # use as builder image to pull in required deps
-FROM alpine@sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0 AS builder
+FROM alpine@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 AS builder
 
 ENV PYTHONUNBUFFERED=1
 
@@ -40,19 +40,19 @@ RUN \
     rm -rf /tmp/* && \
     rm -f /var/cache/apk/*
 
-# latest hash as of 25 JAN 2024 - Alpine 3.19.1
-# https://hub.docker.com/layers/library/alpine/3.19.1/images/sha256-6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0?context=explore&tab=vulnerabilities
-FROM alpine@sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0 as electriceye
+# latest hash as of 21 JUNE 2024 - Alpine 3.20.1
+# https://hub.docker.com/layers/library/alpine/3.20.1/images/sha256-dabf91b69c191a1a0a1628fd6bdd029c0c4018041c7f052870bb13c5a222ae76?context=explore
+FROM alpine@sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0 as electriceye
 
 COPY --from=builder /usr /usr
 
 LABEL \
     org.opencontainers.image.title="ElectricEye" \
     org.opencontainers.image.description="ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks." \
     org.opencontainers.image.version="3.0" \
-    org.opencontainers.image.created="2024-02-02T00:00:00Z" \
+    org.opencontainers.image.created="2024-06-24T00:00:00Z" \
     org.opencontainers.image.documentation="https://github.com/jonrau1/ElectricEye" \
-    org.opencontainers.image.revision="sha256:6457d53fb065d6f250e1504b9bc42d5b6c65941d57532c072d929dd0628977d0" \
+    org.opencontainers.image.revision="sha256:b89d9c93e9ed3597455c90a0b88a8bbb5cb7188438f70953fede212a0c4394e0" \
     org.opencontainers.image.source="https://github.com/alpinelinux/docker-alpine" \
     org.opencontainers.image.licenses="Apache-2.0" \
     org.opencontainers.image.authors="[email protected]"

diff --git a/cloudformation/ElectricEye_Organizations_StackSet.yaml b/cloudformation/ElectricEye_Organizations_StackSet.yaml
@@ -177,10 +177,10 @@ Resources:
                 - memorydb:Describe*
                 - mq:Describe*
                 - mq:List*
+                - qbusiness:L*
                 - qldb:ListJournalS3Exports
+		- qbusiness:D*
                 - qldb:ListLedgers
-                - qbusiness:GetApplication
-				        - qbusiness:ListApplications
                 - ram:GetResourceShares
                 - rds:DescribeDB*
                 - rds:DescribeEvent*
@@ -206,7 +206,7 @@ Resources:
                 - securityhub:BatchIm*
                 - securityhub:DescribeHub
                 - shield:Describ*
-                - shield:ListAttacks
+                - shield:ListA*
                 - sns:GetTopicAttributes
                 - sns:ListSub*
                 - ssm:ListDocuments
@@ -220,9 +220,9 @@ Resources:
                 - support:DescribeTrustedA*
                 - vpc-lattice:Get*
                 - vpc-lattice:List*
-                - wafv2:GetLoggingConfiguration
+                - wafv2:GetLogging*
                 - wafv2:GetWeb*
-                - wafv2:ListWebACLs
+                - wafv2:ListW*
                 - workspaces:DescribeWorkspaceDirectories
                 - workspaces:DescribeWorkspaces
                 - xray:GetEncryptionConfig
@@ -242,4 +242,4 @@ Resources:
         - 
           Key: Service
           Value: ElectricEye
-# END
+# END
diff --git a/requirements-docker.txt b/requirements-docker.txt
@@ -1,7 +1,7 @@
 awscli>=1.32.108
 boto3>=1.34.108
 click==8.1.7
-detect-secrets==1.4.0
+detect-secrets==1.5.0
 google-api-python-client>=2.88.0
 oci>=2.104.0
 pluginbase==1.0.1

diff --git a/requirements.txt b/requirements.txt
@@ -1,7 +1,7 @@
 awscli>=1.32.108
 boto3>=1.34.108
 click==8.1.7
-detect-secrets==1.4.0
+detect-secrets==1.5.0
 google-api-python-client>=2.88.0
 matplotlib>=3.9.0
 oci>=2.104.0