updating messageing lib and docker scanning

Signed-off-by: Neil South <[email protected]>
Project-MONAI · Feb 19, 2024 · 500b733 · 500b733
1 parent 11721d4
commit 500b733
Show file tree

Hide file tree

Showing 77 changed files with 1,154 additions and 489 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -433,13 +433,34 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
 
-      - name: Scan image with Azure Container Scan
-        env:
-          TRIVY_TIMEOUT_SEC: 360s
-        uses: Azure/[email protected]
+      # - name: Scan image with Azure Container Scan
+      #   env:
+      #     TRIVY_TIMEOUT_SEC: 360s
+      #   uses: Azure/[email protected]
+      #   if: ${{ (matrix.os == 'ubuntu-latest') }}
+      #   with:
+      #     image-name: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        if: ${{ (matrix.os == 'ubuntu-latest') }}
+        with:
+          image-ref: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL'
+          fail-build: true
+
+      - uses: goodwithtech/dockle-action@main
         if: ${{ (matrix.os == 'ubuntu-latest') }}
         with:
-          image-name: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+          image: ${{ fromJSON(steps.meta.outputs.json).tags[0] }}
+          format: 'list'
+          exit-code: '1'
+          exit-level: 'warn'
+          ignore: 'CIS-DI-0001,CIS-DI-0010,DKL-DI-0006'
 
       - name: Anchore container scan
         id: anchore-scan
@@ -450,7 +471,7 @@ jobs:
           fail-build: true
           severity-cutoff: critical
 
-      - name: Upload Anchore scan SARIF report
+      - name: Upload scan SARIF report
         uses: github/codeql-action/upload-sarif@v2
         if: ${{ (matrix.os == 'ubuntu-latest') }}
         with:

diff --git a/Dockerfile b/Dockerfile
@@ -27,24 +27,31 @@ RUN dotnet publish -c Release -o out --nologo src/InformaticsGateway/Monai.Deplo
 
 # Build runtime image
 FROM mcr.microsoft.com/dotnet/aspnet:8.0-jammy
+RUN adduser --system --group --no-create-home appuser
 
 # Enable elastic client compatibility mode
 ENV ELASTIC_CLIENT_APIVERSIONING=true
 ENV DEBIAN_FRONTEND=noninteractive
 
 RUN apt-get clean \
  && apt-get update \
- && apt-get install -y --no-install-recommends \
-    curl \
-    && rm -rf /var/lib/apt/lists
+ && apt-get install -y --no-install-recommends curl \
+ && apt-get install -y libc6-dev=2.35-0ubuntu3.6 \
+ && rm -rf /var/lib/apt/lists                           # this is a workaround for Mongo encryption library
+
+
 
 WORKDIR /opt/monai/ig
 
+RUN chown -R appuser:appuser /opt/monai/ig
+
 COPY --from=build /app/out .
 COPY --from=build /tools /opt/dotnetcore-tools
 COPY LICENSE ./
 COPY docs/compliance/third-party-licenses.md ./
 
+RUN ln -s /usr/lib/x86_64-linux-gnu/libdl.so.2 /opt/monai/ig/libdl.so    # part 2 of workaround for Mongo encryption library
+
 EXPOSE 104
 EXPOSE 2575
 EXPOSE 5000
@@ -54,4 +61,6 @@ HEALTHCHECK --interval=10s --retries=10 CMD curl --fail http://localhost:5000/he
 RUN ls -lR /opt/monai/ig
 ENV PATH="/opt/dotnetcore-tools:${PATH}"
 
+USER appuser
+
 ENTRYPOINT ["/opt/monai/ig/Monai.Deploy.InformaticsGateway"]
diff --git a/doc/dependency_decisions.yml b/doc/dependency_decisions.yml
@@ -583,6 +583,8 @@
   - Microsoft.NET.ILLink.Tasks
   - :versions:
       - 8.0.0
+      - 8.0.1
+      - 8.0.2
     :when: 2022-10-14T23:37:16.793Z
     :who: mocsharp
     :why: MIT (https://github.com/dotnet/runtime/raw/main/LICENSE.TXT)
@@ -659,14 +661,14 @@
 - - :approve
   - Monai.Deploy.Messaging
   - :versions:
-      - 2.0.0
+      - 2.0.2
     :when: 2023-10-13T18:06:21.511Z
     :who: neilsouth
     :why: Apache-2.0 (https://github.com/Project-MONAI/monai-deploy-messaging/raw/main/LICENSE)
 - - :approve
   - Monai.Deploy.Messaging.RabbitMQ
   - :versions:
-      - 2.0.0
+      - 2.0.2
     :when: 2023-10-13T18:06:21.511Z
     :who: neilsouth
     :why: Apache-2.0 (https://github.com/Project-MONAI/monai-deploy-messaging/raw/main/LICENSE)
@@ -1775,4 +1777,4 @@
       - 7.0.0
     :when: 2023-08-10T20:50:14.759Z
     :who: mocsharp
-    :why: MIT (https://raw.githubusercontent.com/dotnet/runtime/main/LICENSE.TXT)
+    :why: MIT (https://raw.githubusercontent.com/dotnet/runtime/main/LICENSE.TXT)
diff --git a/src/Api/HL7DestinationEntity.cs b/src/Api/HL7DestinationEntity.cs
@@ -25,7 +25,6 @@ namespace Monai.Deploy.InformaticsGateway.Api.Models
     /// {
     ///     "name": "MYPACS",
     ///     "hostIp": "10.20.100.200",
-    ///     "aeTitle": "MONAIPACS",
     ///     "port": 1104
     /// }
     /// </code>
@@ -36,5 +35,10 @@ public class HL7DestinationEntity : BaseApplicationEntity
         /// Gets or sets the port to connect to.
         /// </summary>
         public int Port { get; set; }
+
+        public override string ToString()
+        {
+            return $"Name: {Name}/Host: {HostIp}/Port: {Port}";
+        }
     }
 }
diff --git a/src/Api/Models/BaseApplicationEntity.cs b/src/Api/Models/BaseApplicationEntity.cs
@@ -35,10 +35,6 @@ public class BaseApplicationEntity : MongoDBEntityBase
         /// </summary>
         public string Name { get; set; } = default!;
 
-        /// <summary>
-        ///  Gets or sets the AE Title (AET) used to identify itself in a DICOM association.
-        /// </summary>
-        public string AeTitle { get; set; } = default!;
 
         /// <summary>
         /// Gets or set the host name or IP address of the AE Title.
@@ -62,13 +58,10 @@ public class BaseApplicationEntity : MongoDBEntityBase
 
         public BaseApplicationEntity()
         {
-            SetDefaultValues();
         }
 
-        public void SetDefaultValues()
+        public virtual void SetDefaultValues()
         {
-            if (string.IsNullOrWhiteSpace(Name))
-                Name = AeTitle;
         }
 
         public void SetAuthor(ClaimsPrincipal user, EditMode editMode)
@@ -90,7 +83,7 @@ public void SetAuthor(ClaimsPrincipal user, EditMode editMode)
 
         public override string ToString()
         {
-            return $"Name: {Name}/AET: {AeTitle}/Host: {HostIp}";
+            return $"Name: {Name} /Host: {HostIp}";
         }
     }
 }
diff --git a/src/Api/Models/DestinationApplicationEntity.cs b/src/Api/Models/DestinationApplicationEntity.cs
@@ -32,9 +32,30 @@ namespace Monai.Deploy.InformaticsGateway.Api.Models
     /// </example>
     public class DestinationApplicationEntity : BaseApplicationEntity
     {
+        public DestinationApplicationEntity() : base()
+        {
+            SetDefaultValues();
+        }
+
         /// <summary>
         /// Gets or sets the port to connect to.
         /// </summary>
         public int Port { get; set; }
+
+        /// <summary>
+        ///  Gets or sets the AE Title (AET) used to identify itself in a DICOM association.
+        /// </summary>
+        public string AeTitle { get; set; } = default!;
+
+        public override void SetDefaultValues()
+        {
+            if (string.IsNullOrWhiteSpace(Name))
+                Name = AeTitle;
+        }
+
+        public override string ToString()
+        {
+            return $"Name: {Name}/AET: {AeTitle}/Host: {HostIp}/Port: {Port}";
+        }
     }
 }
diff --git a/src/Api/Monai.Deploy.InformaticsGateway.Api.csproj b/src/Api/Monai.Deploy.InformaticsGateway.Api.csproj
@@ -51,8 +51,8 @@
     <PackageReference Include="fo-dicom" Version="5.1.2" />
     <PackageReference Include="HL7-dotnetcore" Version="2.36.0" />
     <PackageReference Include="Macross.Json.Extensions" Version="3.0.0" />
-    <PackageReference Include="Monai.Deploy.Messaging" Version="2.0.0" />
-    <PackageReference Include="Monai.Deploy.Messaging.RabbitMQ" Version="2.0.0" />
+    <PackageReference Include="Monai.Deploy.Messaging" Version="2.0.2" />
+    <PackageReference Include="Monai.Deploy.Messaging.RabbitMQ" Version="2.0.2" />
     <PackageReference Include="Monai.Deploy.Storage" Version="1.0.0" />
     <PackageReference Include="Microsoft.EntityFrameworkCore.Abstractions" Version="8.0.0" />
   </ItemGroup>

diff --git a/src/Api/SourceApplicationEntity.cs b/src/Api/SourceApplicationEntity.cs
@@ -33,5 +33,25 @@ namespace Monai.Deploy.InformaticsGateway.Api
     /// </example>
     public class SourceApplicationEntity : BaseApplicationEntity
     {
+        public SourceApplicationEntity() : base()
+        {
+            SetDefaultValues();
+        }
+
+        /// <summary>
+        ///  Gets or sets the AE Title (AET) used to identify itself in a DICOM association.
+        /// </summary>
+        public string AeTitle { get; set; } = default!;
+
+        public override void SetDefaultValues()
+        {
+            if (string.IsNullOrWhiteSpace(Name))
+                Name = AeTitle;
+        }
+
+        public override string ToString()
+        {
+            return $"Name: {Name}/AET: {AeTitle}/Host: {HostIp}";
+        }
     }
 }
diff --git a/src/Api/Storage/Hl7FileStorageMetadata.cs b/src/Api/Storage/Hl7FileStorageMetadata.cs
@@ -27,7 +27,7 @@ namespace Monai.Deploy.InformaticsGateway.Api.Storage
     public sealed record Hl7FileStorageMetadata : FileStorageMetadata
     {
         public const string Hl7SubDirectoryName = "ehr";
-        public const string FileExtension = ".txt";
+        public const string FileExtension = ".hl7";
 
         /// <inheritdoc/>
         [JsonIgnore]

diff --git a/src/Api/Storage/Payload.cs b/src/Api/Storage/Payload.cs
@@ -86,8 +86,6 @@ public TimeSpan Elapsed
 
         public int FilesFailedToUpload { get => Files.Count(p => p.IsUploadFailed); }
 
-        public string DestinationFolder { get; set; } = string.Empty;
-
         public Payload(string key, string correlationId, string? workflowInstanceId, string? taskId, DataOrigin dataTrigger, uint timeout)
         {
             Guard.Against.NullOrWhiteSpace(key, nameof(key));
@@ -108,7 +106,7 @@ public Payload(string key, string correlationId, string? workflowInstanceId, str
             DataTrigger = dataTrigger;
         }
 
-        public Payload(string key, string correlationId, string? workflowInstanceId, string? taskId, DataOrigin dataTrigger, uint timeout, string? payloadId = null, string? DestinationFolder = null) :
+        public Payload(string key, string correlationId, string? workflowInstanceId, string? taskId, DataOrigin dataTrigger, uint timeout, string? payloadId) :
             this(key, correlationId, workflowInstanceId, taskId, dataTrigger, timeout)
         {
             Guard.Against.NullOrWhiteSpace(key, nameof(key));
@@ -121,7 +119,6 @@ public Payload(string key, string correlationId, string? workflowInstanceId, str
             {
                 PayloadId = Guid.Parse(payloadId);
             }
-            DestinationFolder ??= string.Empty;
         }
 
         public void Add(FileStorageMetadata value)

diff --git a/src/Api/Test/HL7DestinationEntityTest.cs b/src/Api/Test/HL7DestinationEntityTest.cs
@@ -21,34 +21,23 @@ namespace Monai.Deploy.InformaticsGateway.Api.Test
 {
     public class HL7DestinationEntityTest
     {
-        [Fact]
-        public void GivenAMonaiApplicationEntity_WhenNameIsNotSet_ExepectSetDefaultValuesToBeUsed()
-        {
-            var entity = new HL7DestinationEntity
-            {
-                AeTitle = "AET",
-            };
-
-            entity.SetDefaultValues();
 
-            Assert.Equal(entity.AeTitle, entity.Name);
-        }
 
         [Fact]
         public void GivenAMonaiApplicationEntity_WhenNameIsSet_ExepectSetDefaultValuesToNotOverwrite()
         {
             var entity = new HL7DestinationEntity
             {
-                AeTitle = "AET",
+                Port = 1104,
                 HostIp = "IP",
                 Name = "Name"
             };
 
             entity.SetDefaultValues();
 
-            Assert.Equal("AET", entity.AeTitle);
             Assert.Equal("IP", entity.HostIp);
             Assert.Equal("Name", entity.Name);
+            Assert.Equal(1104, entity.Port);
         }
     }
 }
diff --git a/src/Api/Test/BaseApplicationEntityTest.cs → ...i/Test/SourceBaseApplicationEntityTest.cs b/src/Api/Test/BaseApplicationEntityTest.cs → ...i/Test/SourceBaseApplicationEntityTest.cs
@@ -14,17 +14,16 @@
  * limitations under the License.
  */
 
-using Monai.Deploy.InformaticsGateway.Api.Models;
 using Xunit;
 
 namespace Monai.Deploy.InformaticsGateway.Api.Test
 {
-    public class BaseApplicationEntityTest
+    public class SourceBaseApplicationEntityTest
     {
         [Fact]
         public void GivenABaseApplicationEntity_WhenNameIsNotSet_ExpectSetDefaultValuesToSetName()
         {
-            var entity = new BaseApplicationEntity
+            var entity = new SourceApplicationEntity
             {
                 AeTitle = "AET",
                 HostIp = "IP"
@@ -38,7 +37,7 @@ public void GivenABaseApplicationEntity_WhenNameIsNotSet_ExpectSetDefaultValuesT
         [Fact]
         public void GivenABaseApplicationEntity_WhenNameIsSet_ExpectSetDefaultValuesToNotSetName()
         {
-            var entity = new BaseApplicationEntity
+            var entity = new SourceApplicationEntity
             {
                 AeTitle = "AET",
                 HostIp = "IP",