diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 41ff2fcef..e0e4acf0e 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -44,6 +44,13 @@ jobs: OS_SERVER_NUMBER_OF_WORKERS: 4 BUILD_TYPE: docker COMPOSE_INTERACTIVE_NO_CLI: 1 + - name: Cleanup Docker resources and space + shell: bash + run: | + sudo rm -rf /usr/share/dotnet + sudo rm -rf /opt/ghc + sudo rm -rf "/usr/local/share/boost" + sudo rm -rf "$AGENT_TOOLSDIRECTORY" - name: Run docker vulnerability scanner uses: aquasecurity/trivy-action@master with: diff --git a/Dockerfile b/Dockerfile index ec593b79a..13bc702ed 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,9 +12,9 @@ ENV DEBIAN_FRONTEND=noninteractive # Install required libaries. # realpath - needed for wait-for-it RUN apt-get update && apt-get install -y wget gnupg \ - && wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | apt-key add - \ - && echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse" | \ - tee /etc/apt/sources.list.d/mongodb-org-4.4.list \ + && wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | apt-key add - \ + && echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/6.0 multiverse" | \ + tee /etc/apt/sources.list.d/mongodb-org-6.0.list \ && apt-get update \ && apt-get install -y --no-install-recommends \ apt-transport-https \ diff --git a/ci/github-actions/setup.sh b/ci/github-actions/setup.sh index 01e364a6e..114c5e3c2 100755 --- a/ci/github-actions/setup.sh +++ b/ci/github-actions/setup.sh @@ -28,9 +28,9 @@ else rm ruby-2.7.2-darwin.tar.gz # Install mongodb from a download. Brew is hanging and requires building mongo. This also speeds up the builds. - curl -SLO https://fastdl.mongodb.org/osx/mongodb-macos-x86_64-4.4.2.tgz - tar xvzf mongodb-macos-x86_64-4.4.2.tgz - sudo cp mongodb-macos-x86_64-4.4.2/bin/* /usr/local/bin/ + curl -SLO https://fastdl.mongodb.org/osx/mongodb-macos-x86_64-6.0.7.tgz + tar xvzf mongodb-macos-x86_64-6.0.7.tgz + sudo cp mongodb-macos-x86_64-6.0.7/bin/* /usr/local/bin/ rm -r mongodb-macos* # Install openstudio -- Use the install script that is in this repo now, the one on OpenStudio/develop has changed @@ -63,8 +63,8 @@ else echo "Setting up Ubuntu for unit tests and Rubocop" # install pipe viewer to throttle printing logs to screen (not a big deal in linux, but it is in osx) sudo apt-get update && sudo apt-get install -y wget gnupg software-properties-common build-essential - sudo wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add - - echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 multiverse | tee /etc/apt/sources.list.d/mongodb-org-4.4.list" + sudo wget -qO - https://www.mongodb.org/static/pgp/server-6.0.asc | sudo apt-key add - + echo "deb http://repo.mongodb.org/apt/ubuntu focal/mongodb-org/6.0 multiverse | tee /etc/apt/sources.list.d/mongodb-org-6.0.list" sudo apt-get update sudo apt-get install -y pv tree mongodb libqdbm14 libxml2-dev # explicitly install. the latest version of redis-server diff --git a/docker-compose.deploy.yml b/docker-compose.deploy.yml index af46900ba..5092b6512 100644 --- a/docker-compose.deploy.yml +++ b/docker-compose.deploy.yml @@ -2,7 +2,7 @@ version: '3.4' services: db: - image: mongo:4.4.2 + image: mongo:6.0.7 ports: - "27017:27017" deploy: diff --git a/docker-compose.local.yml b/docker-compose.local.yml index af7d4f86a..ddc969aad 100644 --- a/docker-compose.local.yml +++ b/docker-compose.local.yml @@ -3,7 +3,7 @@ version: '3.4' services: db: - image: mongo:4.4.2 + image: mongo:6.0.7 ports: - "27017:27017" volumes: diff --git a/docker-compose.test.yml b/docker-compose.test.yml index 9023e23dc..d509ee7dc 100644 --- a/docker-compose.test.yml +++ b/docker-compose.test.yml @@ -3,7 +3,7 @@ version: '3.4' services: db: - image: mongo:4.4.2 + image: mongo:6.0.7 ports: - "27017:27017" environment: diff --git a/docker-compose.yml b/docker-compose.yml index f17c6c164..056957d2c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.4' services: db: - image: mongo:4.4.2 + image: mongo:6.0.7 ports: - "27017:27017" volumes: diff --git a/local_setup_scripts/nuke.sh b/local_setup_scripts/nuke.sh index 15f9a4eb3..e60d3c8c5 100755 --- a/local_setup_scripts/nuke.sh +++ b/local_setup_scripts/nuke.sh @@ -15,7 +15,7 @@ echo "pull images" docker pull registry:2.6 docker pull nrel/openstudio-server:$1 docker pull nrel/openstudio-rserve:$1 -docker pull mongo:4.4.2 +docker pull mongo:6.0.7 docker pull redis:6.0.9 echo "create registry" @@ -26,7 +26,7 @@ sleep 10 echo "tag" docker tag nrel/openstudio-server:$1 127.0.0.1:5000/openstudio-server docker tag nrel/openstudio-rserve:$1 127.0.0.1:5000/openstudio-rserve -docker tag mongo:4.4.2 127.0.0.1:5000/mongo +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker tag redis:6.0.9 127.0.0.1:5000/redis sleep 3 echo "push" diff --git a/local_setup_scripts/rebuild_sr.sh b/local_setup_scripts/rebuild_sr.sh index a9685049f..bb4820c01 100755 --- a/local_setup_scripts/rebuild_sr.sh +++ b/local_setup_scripts/rebuild_sr.sh @@ -12,8 +12,8 @@ cd docker/R/ #docker image rm 127.0.0.1:5000/openstudio-rserve -f docker build . -t="127.0.0.1:5000/openstudio-rserve" docker push 127.0.0.1:5000/openstudio-rserve -docker pull mongo:4.4.2 -docker tag mongo:4.4.2 127.0.0.1:5000/mongo +docker pull mongo:6.0.7 +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker push 127.0.0.1:5000/mongo docker pull redis:6.0.9 docker tag redis:6.0.9 127.0.0.1:5000/redis diff --git a/local_setup_scripts/win64/nuke.ps1 b/local_setup_scripts/win64/nuke.ps1 index 7fb0ae91d..579c88068 100644 --- a/local_setup_scripts/win64/nuke.ps1 +++ b/local_setup_scripts/win64/nuke.ps1 @@ -15,7 +15,7 @@ echo "pull images" docker pull registry:2.6 docker pull nrel/openstudio-server:$Args docker pull nrel/openstudio-rserve:$Args -docker pull mongo:3.4.10 +docker pull mongo:6.0.7 docker pull redis:4.0.6 echo "create registry" @@ -26,7 +26,7 @@ sleep 10 echo "tag" docker tag nrel/openstudio-server:$Args 127.0.0.1:5000/openstudio-server docker tag nrel/openstudio-rserve:$Args 127.0.0.1:5000/openstudio-rserve -docker tag mongo:3.4.10 127.0.0.1:5000/mongo +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker tag redis:4.0.6 127.0.0.1:5000/redis sleep 3 echo "push" diff --git a/local_setup_scripts/win64/nuke.sh b/local_setup_scripts/win64/nuke.sh index d7e3e6dc5..b1d4b8eb8 100644 --- a/local_setup_scripts/win64/nuke.sh +++ b/local_setup_scripts/win64/nuke.sh @@ -15,7 +15,7 @@ echo "pull images" docker pull registry:2.6 docker pull nrel/openstudio-server:$1 docker pull nrel/openstudio-rserve:$1 -docker pull mongo:4.4.2 +docker pull mongo:6.0.7 docker pull redis:6.0.9 echo "create registry" @@ -26,7 +26,7 @@ sleep 10 echo "tag" docker tag nrel/openstudio-server:$1 127.0.0.1:5000/openstudio-server docker tag nrel/openstudio-rserve:$1 127.0.0.1:5000/openstudio-rserve -docker tag mongo:4.4.2 127.0.0.1:5000/mongo +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker tag redis:6.0.9 127.0.0.1:5000/redis sleep 3 echo "push" diff --git a/local_setup_scripts/win64/rebuild_sr.sh b/local_setup_scripts/win64/rebuild_sr.sh index 2041f8ffa..b526673d1 100644 --- a/local_setup_scripts/win64/rebuild_sr.sh +++ b/local_setup_scripts/win64/rebuild_sr.sh @@ -12,8 +12,8 @@ cd docker/R #docker image rm 127.0.0.1:5000/openstudio-rserve -f docker build . -t="127.0.0.1:5000/openstudio-rserve" docker push 127.0.0.1:5000/openstudio-rserve -docker pull mongo:4.4.2 -docker tag mongo:4.4.2 127.0.0.1:5000/mongo +docker pull mongo:6.0.7 +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker push 127.0.0.1:5000/mongo docker pull redis:6.0.9 docker tag redis:6.0.9 127.0.0.1:5000/redis diff --git a/local_setup_scripts/win64/rebuild_sr_no_rm.sh b/local_setup_scripts/win64/rebuild_sr_no_rm.sh index 204dbef8a..5f82e6611 100644 --- a/local_setup_scripts/win64/rebuild_sr_no_rm.sh +++ b/local_setup_scripts/win64/rebuild_sr_no_rm.sh @@ -12,8 +12,8 @@ cd docker/R #docker image rm 127.0.0.1:5000/openstudio-rserve -f docker build . -t="127.0.0.1:5000/openstudio-rserve" docker push 127.0.0.1:5000/openstudio-rserve -docker pull mongo:4.4.2 -docker tag mongo:4.4.2 127.0.0.1:5000/mongo +docker pull mongo:6.0.7 +docker tag mongo:6.0.7 127.0.0.1:5000/mongo docker push 127.0.0.1:5000/mongo docker pull redis:6.0.9 docker tag redis:6.0.9 127.0.0.1:5000/redis diff --git a/server/Gemfile b/server/Gemfile index 894817dc9..d39d634c6 100644 --- a/server/Gemfile +++ b/server/Gemfile @@ -20,7 +20,7 @@ gem 'tzinfo-data', '~>1.2021.1' gem 'loofah', '2.20.0' # database modules -gem 'mongoid', '7.2.1' +gem 'mongoid', '7.4.3' #gem 'mongoid-paperclip' # forked gem is neccessary as mongoid-paperclip relies on mimemagic which now requires freedesktop.org.xml at run time" gem 'mongoid-paperclip', :github => 'tijcolem/mongoid-paperclip', :ref => 'master' @@ -69,7 +69,7 @@ gem 'sassc', '~> 2.4.0' gem 'openstudio-workflow', '= 2.3.1' #gem 'openstudio-analysis', :github => 'NREL/OpenStudio-analysis-gem', :ref => 'develop' -gem 'openstudio-analysis', '= 1.3.2' +gem 'openstudio-analysis', '= 1.3.4' # Remove urbanopt cli gems for minor for releases as they use different versions of ext gems gem 'urbanopt-cli', '= 0.9.2' diff --git a/spec/tests/openstudio_meta_spec.rb b/spec/tests/openstudio_meta_spec.rb index da9695022..9bddca430 100644 --- a/spec/tests/openstudio_meta_spec.rb +++ b/spec/tests/openstudio_meta_spec.rb @@ -17,7 +17,7 @@ # mongod must be in the path, if you are on Windows you can use the following if Gem.win_platform? - ENV['PATH'] = "C:/Program Files/MongoDB/Server/3.0/bin;#{ENV['PATH']}" # @todo it would be good to un-hard-code this + ENV['PATH'] = "C:/Program Files/MongoDB/Server/6.0/bin;#{ENV['PATH']}" # @todo it would be good to un-hard-code this end def which(cmd)