Added missing items to docker.local (#79)

btassone · bt353 · web-flow · commit 20e8c24cfdfd · 2024-12-19T01:58:07.000-05:00
* Added missing items to deco

* Add "contents: read" &amp; "pull-requests: write" to test.yaml

* Fully update go.mod and go.sum to take care of security concerns

---------

Co-authored-by: bt353 &lt;brandon.tassone@yale.edu&gt;
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -1,4 +1,7 @@
 name: Tests
+permissions:
+  contents: read
+  pull-requests: write
 on:
   push:
 
diff --git a/docker/Dockerfile.local b/docker/Dockerfile.local
@@ -1,4 +1,4 @@
-FROM golang:1.21.3-alpine as gobuff
+FROM golang:1.21.3-alpine AS gobuff
 
 EXPOSE 3000
 
@@ -23,7 +23,7 @@ RUN go install github.com/gobuffalo/buffalo-pop/v3@latest
 RUN mkdir /src
 WORKDIR /src
 
-FROM gobuff as builder
+FROM gobuff AS builder
 RUN mkdir /app
 WORKDIR /app
 COPY go.mod .
@@ -34,11 +34,12 @@ RUN go version
 RUN buffalo build --static -o /bin/api
 
 FROM alpine
-RUN apk add --no-cache bash ca-certificates
-    
+RUN apk add --no-cache bash ca-certificates curl
+
 WORKDIR /app/
 
-COPY --from=builder /bin/api ./api
+COPY --from=builder /bin/api /bin/api
+RUN chown nobody:nogroup /bin/api
 
 # copy local config.json file
 COPY config/config.json ./config/
@@ -51,4 +52,5 @@ EXPOSE 8080
 RUN chown -R nobody:nogroup .
 USER nobody
 
-CMD exec /app/api
+CMD cp /bin/api /app/api && \
+    exec /app/api
diff --git a/go.mod b/go.mod
@@ -1,42 +1,44 @@
 module github.com/YaleSpinup/rds-api
 
-go 1.21
+go 1.23
+
+toolchain go1.23.2
 
 require (
 	github.com/YaleSpinup/apierror v0.1.5
-	github.com/aws/aws-sdk-go v1.50.11
+	github.com/aws/aws-sdk-go v1.55.5
 	github.com/gobuffalo/buffalo v1.1.0
 	github.com/gobuffalo/envy v1.10.2
 	github.com/gobuffalo/mw-paramlogger v1.0.2
 	github.com/gobuffalo/packr/v2 v2.8.3
 	github.com/gobuffalo/suite/v3 v3.0.2
 	github.com/gobuffalo/x v0.1.0
 	github.com/pkg/errors v0.9.1
-	github.com/rs/cors v1.11.0
+	github.com/rs/cors v1.11.1
 	github.com/sirupsen/logrus v1.9.3
 	golang.org/x/crypto v0.31.0
 )
 
 require (
 	github.com/kr/pretty v0.3.1 // indirect
-	golang.org/x/mod v0.17.0 // indirect
+	golang.org/x/mod v0.22.0 // indirect
 )
 
 require (
-	github.com/BurntSushi/toml v1.3.2 // indirect
+	github.com/BurntSushi/toml v1.4.0 // indirect
 	github.com/Masterminds/semver/v3 v3.2.1 // indirect
 	github.com/YaleSpinup/aws-go v0.2.5
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
-	github.com/fatih/color v1.15.0 // indirect
+	github.com/fatih/color v1.18.0 // indirect
 	github.com/fatih/structs v1.1.0 // indirect
-	github.com/felixge/httpsnoop v1.0.3 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
+	github.com/fsnotify/fsnotify v1.8.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.1 // indirect
 	github.com/gobuffalo/events v1.4.3 // indirect
 	github.com/gobuffalo/fizz v1.14.4 // indirect
-	github.com/gobuffalo/flect v1.0.0 // indirect
+	github.com/gobuffalo/flect v1.0.3 // indirect
 	github.com/gobuffalo/github_flavored_markdown v1.1.4 // indirect
 	github.com/gobuffalo/grift v1.5.2 // indirect
 	github.com/gobuffalo/helpers v0.6.7 // indirect
@@ -46,19 +48,19 @@ require (
 	github.com/gobuffalo/mw-csrf v1.0.2 // indirect
 	github.com/gobuffalo/nulls v0.4.2 // indirect
 	github.com/gobuffalo/packd v1.0.2 // indirect
-	github.com/gobuffalo/plush/v4 v4.1.19 // indirect
+	github.com/gobuffalo/plush/v4 v4.1.22 // indirect
 	github.com/gobuffalo/pop/v5 v5.3.4 // indirect
 	github.com/gobuffalo/refresh v1.13.3 // indirect
 	github.com/gobuffalo/tags/v3 v3.1.4 // indirect
 	github.com/gobuffalo/validate/v3 v3.3.3 // indirect
 	github.com/gofrs/uuid v4.4.0+incompatible // indirect
 	github.com/gofrs/uuid/v3 v3.1.2 // indirect
 	github.com/google/uuid v1.6.0
-	github.com/gorilla/css v1.0.0 // indirect
-	github.com/gorilla/handlers v1.5.1 // indirect
-	github.com/gorilla/mux v1.8.0 // indirect
-	github.com/gorilla/securecookie v1.1.1 // indirect
-	github.com/gorilla/sessions v1.2.1 // indirect
+	github.com/gorilla/css v1.0.1 // indirect
+	github.com/gorilla/handlers v1.5.2 // indirect
+	github.com/gorilla/mux v1.8.1 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/sessions v1.4.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
 	github.com/jackc/pgconn v1.14.3 // indirect
@@ -78,21 +80,21 @@ require (
 	github.com/markbates/oncer v1.0.0 // indirect
 	github.com/markbates/safe v1.0.1 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
-	github.com/microcosm-cc/bluemonday v1.0.22 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.27 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/monoculum/formam v3.5.5+incompatible // indirect
 	github.com/patrickmn/go-cache v2.1.0+incompatible
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/rogpeppe/go-internal v1.11.0 // indirect
+	github.com/rogpeppe/go-internal v1.13.1 // indirect
 	github.com/sergi/go-diff v1.3.1 // indirect
 	github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d // indirect
 	github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e // indirect
-	github.com/spf13/cobra v1.7.0 // indirect
+	github.com/spf13/cobra v1.8.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/stretchr/testify v1.8.4 // indirect
-	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/term v0.27.0 // indirect
diff --git a/go.sum b/go.sum
