Fix: keep the logs for 90 days #36
2 changed files with 20 additions and 3 deletions
|
@ -2,6 +2,6 @@ FROM python:3.9-alpine
|
||||||
LABEL description="Aurore's docker image for ansible-lint"
|
LABEL description="Aurore's docker image for ansible-lint"
|
||||||
|
|
||||||
RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo
|
RUN apk add --no-cache gcc musl-dev python3-dev libffi-dev openssl-dev cargo
|
||||||
RUN pip install "yamllint>=1.26.0,<2.0"
|
RUN pip install --no-cache-dir "yamllint>=1.26.0,<2.0"
|
||||||
RUN pip install "ansible-lint==5.0.0"
|
RUN pip install --no-cache-dir "ansible-lint==5.0.0"
|
||||||
RUN pip install "ansible>=2.10,<2.11"
|
RUN pip install --no-cache-dir "ansible>=2.10,<2.11"
|
||||||
|
|
17
sudo_upgrade.yml
Executable file
17
sudo_upgrade.yml
Executable file
|
@ -0,0 +1,17 @@
|
||||||
|
#!/usr/bin/env ansible-playbook
|
||||||
|
---
|
||||||
|
# This is a special playbook to upgrade sudo everywhere after the
|
||||||
|
# CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)
|
||||||
|
# Please always use with --limit myserver.adm.auro.re
|
||||||
|
# And list updates with --check
|
||||||
|
- hosts: all
|
||||||
|
tasks:
|
||||||
|
- name: Upgrade sudo
|
||||||
|
apt:
|
||||||
|
name: sudo
|
||||||
|
state: latest
|
||||||
|
update_cache: true
|
||||||
|
cache_valid_time: 3600 # one hour
|
||||||
|
register: apt_result
|
||||||
|
retries: 3
|
||||||
|
until: apt_result is succeeded
|
Loading…
Reference in a new issue