Next

.dockerignore

@@ -0,0 +1,11 @@
+compose.yaml
+.env
+.git
+.gitignore
+haproxy
+LICENSE
+nginx
+proxy.yaml
+README.md
+README_old.md
+schema.pdf

.gitignore

@@ -0,0 +1 @@
+.env

Dockerfile.python

@@ -0,0 +1,6 @@
+FROM python:3.9-slim
+WORKDIR /app
+COPY requirements.txt .
+RUN pip install -r requirements.txt
+COPY main.py .
+CMD ["python", "main.py"]

README.md

@@ -1,30 +1,43 @@
-# shvirtd-example-python
+# Домашнее задание к занятию 5. «Практическое применение Docker»
 
-Example Flask-application for docker compose training.
-## Installation
-First, you need to clone this repository:
 
-```bash
-git clone https://github.com/netology-code/shvirtd-example-python.git
+## Задача 0 ##
+
+Установлены соответствующие версии пакетов:
+```
+damir@dz5:~$ docker --version
+Docker version 27.0.3, build 7d4bcd8
+damir@dz5:~$ docker compose version
+Docker Compose version v2.28.1
 ```
 
-Now, we will need to create a virtual environment and install all the dependencies:
 
-```bash
-python3 -m venv venv  # on Windows, use "python -m venv venv" instead
-. venv/bin/activate   # on Windows, use "venv\Scripts\activate" instead
-pip install -r requirements.txt
-python main.py
+## Задача 1 ##
+
+Форк репозитария создан, создан dockerfile (Dockerfile.python), образ собирается, при этом файл requirements.txt копируется в образ для дальнейшей настройки окружения.
+В .dockerignore указаны все файлы, не имеющие отношения к сборке образа.
+
+
+## Задача 2 (*) ##
+
+Отчет о сканировании тут: https://github.com/Granit16/shvirtd-example-python/blob/next/vulnerabilities.csv
+
+
+## Задача 3 ##
+
+Файл compose.yaml создан, файл "proxy.yaml" продключен к нему с помощью директивы "include".
+Образ приложения web собирается из файла Dockerfile.python, все остальные параметры соответствуют заданию.
+Переменные в приложение передаются через файл .env и/или через переменные окружения в разделе environment.
+
+Приложение db создается в соответсвии с заданными параметрами, переменные для создания пароля root, БД и данных пользователя передаются через файл .env.
+
+После запуска приложений команда curl выдает ожидаемый результат:
+```
+damir@dz5:~/rrr/shvirtd-example-python$ curl -L http://127.0.0.1:8090
+TIME: 2024-07-23 09:55:59, IP: 127.0.0.1damir@dz5:~/rrr/shvirtd-example-python$
 ```
-You need to run Mysql database and provide following ENV-variables for connection:  
-- DB_HOST (default: '127.0.0.1')
-- DB_USER (default: 'app')
-- DB_PASSWORD (default: 'very_strong')
-- DB_NAME (default: 'example')
 
-The applications will always running on http://localhost:5000.  
-To exit venv just type ```deactivate```
+Результат подключения к контейнур с БД и выполенения запроса представлен на скриншоте:
+![alt text](https://github.com/Granit16/shvirtd-example-python/blob/next/SQL.png?raw=true)
 
-## License
 
-This project is licensed under the MIT License (see the `LICENSE` file for details).

README_old.md

@@ -0,0 +1,30 @@
+# shvirtd-example-python
+
+Example Flask-application for docker compose training.
+## Installation
+First, you need to clone this repository:
+
+```bash
+git clone https://github.com/netology-code/shvirtd-example-python.git
+```
+
+Now, we will need to create a virtual environment and install all the dependencies:
+
+```bash
+python3 -m venv venv  # on Windows, use "python -m venv venv" instead
+. venv/bin/activate   # on Windows, use "venv\Scripts\activate" instead
+pip install -r requirements.txt
+python main.py
+```
+You need to run Mysql database and provide following ENV-variables for connection:  
+- DB_HOST (default: '127.0.0.1')
+- DB_USER (default: 'app')
+- DB_PASSWORD (default: 'very_strong')
+- DB_NAME (default: 'example')
+
+The applications will always running on http://localhost:5000.  
+To exit venv just type ```deactivate```
+
+## License
+
+This project is licensed under the MIT License (see the `LICENSE` file for details).

compose.yaml

@@ -0,0 +1,35 @@
+version: "3"
+include:
+  - proxy.yaml
+services:
+
+  db:
+    image: mysql:8
+    env_file:
+      - .env
+    ports:
+      - 3306:3306
+    environment:
+      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-very_strong}
+    restart: always
+    networks:
+      backend:
+        ipv4_address: 172.20.0.10
+
+  web:
+    build:
+      context: .
+      dockerfile: Dockerfile.python
+    env_file:
+      - .env
+    environment:
+      - DB_HOST=172.20.0.10
+      - DB_USER=${MYSQL_USER:-app}
+      - DB_PASSWORD=${MYSQL_PASSWORD:-very_strong}
+      - DB_NAME=${MYSQL_DATABASE:-example}
+      - DB_TABLE_NAME=${MYSQL_TABLE_NAME:-example}
+    restart: always
+    networks:
+      backend:
+        ipv4_address: 172.20.0.5
+

vulnerabilities.csv

@@ -0,0 +1,105 @@
+name,link,severity,package,version,fixedBy
+CVE-2023-45853,https://avd.aquasec.com/nvd/cve-2023-45853,CRITICAL,zlib1g,1:1.2.13.dfsg-1,
+CVE-2023-52425,https://avd.aquasec.com/nvd/cve-2023-52425,HIGH,libexpat1,2.5.0-1,
+CVE-2024-26462,https://avd.aquasec.com/nvd/cve-2024-26462,HIGH,libgssapi-krb5-2,1.20.1-2+deb12u2,
+CVE-2024-26462,https://avd.aquasec.com/nvd/cve-2024-26462,HIGH,libk5crypto3,1.20.1-2+deb12u2,
+CVE-2024-26462,https://avd.aquasec.com/nvd/cve-2024-26462,HIGH,libkrb5-3,1.20.1-2+deb12u2,
+CVE-2024-26462,https://avd.aquasec.com/nvd/cve-2024-26462,HIGH,libkrb5support0,1.20.1-2+deb12u2,
+CVE-2023-7104,https://avd.aquasec.com/nvd/cve-2023-7104,HIGH,libsqlite3-0,3.40.1-2,
+CVE-2023-31484,https://avd.aquasec.com/nvd/cve-2023-31484,HIGH,perl-base,5.36.0-7+deb12u1,
+CVE-2023-4039,https://avd.aquasec.com/nvd/cve-2023-4039,MEDIUM,gcc-12-base,12.2.0-14,
+CVE-2023-4039,https://avd.aquasec.com/nvd/cve-2023-4039,MEDIUM,libgcc-s1,12.2.0-14,
+CVE-2024-2236,https://avd.aquasec.com/nvd/cve-2024-2236,MEDIUM,libgcrypt20,1.10.1-3,
+CVE-2024-26458,https://avd.aquasec.com/nvd/cve-2024-26458,MEDIUM,libgssapi-krb5-2,1.20.1-2+deb12u2,
+CVE-2024-26461,https://avd.aquasec.com/nvd/cve-2024-26461,MEDIUM,libgssapi-krb5-2,1.20.1-2+deb12u2,
+CVE-2024-26458,https://avd.aquasec.com/nvd/cve-2024-26458,MEDIUM,libk5crypto3,1.20.1-2+deb12u2,
+CVE-2024-26461,https://avd.aquasec.com/nvd/cve-2024-26461,MEDIUM,libk5crypto3,1.20.1-2+deb12u2,
+CVE-2024-26458,https://avd.aquasec.com/nvd/cve-2024-26458,MEDIUM,libkrb5-3,1.20.1-2+deb12u2,
+CVE-2024-26461,https://avd.aquasec.com/nvd/cve-2024-26461,MEDIUM,libkrb5-3,1.20.1-2+deb12u2,
+CVE-2024-26458,https://avd.aquasec.com/nvd/cve-2024-26458,MEDIUM,libkrb5support0,1.20.1-2+deb12u2,
+CVE-2024-26461,https://avd.aquasec.com/nvd/cve-2024-26461,MEDIUM,libkrb5support0,1.20.1-2+deb12u2,
+CVE-2023-50495,https://avd.aquasec.com/nvd/cve-2023-50495,MEDIUM,libncursesw6,6.4-4,
+CVE-2024-22365,https://avd.aquasec.com/nvd/cve-2024-22365,MEDIUM,libpam-modules,1.5.2-6+deb12u1,
+CVE-2024-22365,https://avd.aquasec.com/nvd/cve-2024-22365,MEDIUM,libpam-modules-bin,1.5.2-6+deb12u1,
+CVE-2024-22365,https://avd.aquasec.com/nvd/cve-2024-22365,MEDIUM,libpam-runtime,1.5.2-6+deb12u1,
+CVE-2024-22365,https://avd.aquasec.com/nvd/cve-2024-22365,MEDIUM,libpam0g,1.5.2-6+deb12u1,
+CVE-2024-0232,https://avd.aquasec.com/nvd/cve-2024-0232,MEDIUM,libsqlite3-0,3.40.1-2,
+CVE-2024-4603,https://avd.aquasec.com/nvd/cve-2024-4603,MEDIUM,libssl3,3.0.13-1~deb12u1,
+CVE-2024-4741,https://avd.aquasec.com/nvd/cve-2024-4741,MEDIUM,libssl3,3.0.13-1~deb12u1,
+CVE-2024-5535,https://avd.aquasec.com/nvd/cve-2024-5535,MEDIUM,libssl3,3.0.13-1~deb12u1,
+CVE-2023-4039,https://avd.aquasec.com/nvd/cve-2023-4039,MEDIUM,libstdc++6,12.2.0-14,
+CVE-2023-50495,https://avd.aquasec.com/nvd/cve-2023-50495,MEDIUM,libtinfo6,6.4-4,
+CVE-2023-4641,https://avd.aquasec.com/nvd/cve-2023-4641,MEDIUM,login,1:4.13+dfsg1-1+b1,
+CVE-2023-50495,https://avd.aquasec.com/nvd/cve-2023-50495,MEDIUM,ncurses-base,6.4-4,
+CVE-2023-50495,https://avd.aquasec.com/nvd/cve-2023-50495,MEDIUM,ncurses-bin,6.4-4,
+CVE-2024-4603,https://avd.aquasec.com/nvd/cve-2024-4603,MEDIUM,openssl,3.0.13-1~deb12u1,
+CVE-2024-4741,https://avd.aquasec.com/nvd/cve-2024-4741,MEDIUM,openssl,3.0.13-1~deb12u1,
+CVE-2024-5535,https://avd.aquasec.com/nvd/cve-2024-5535,MEDIUM,openssl,3.0.13-1~deb12u1,
+CVE-2023-4641,https://avd.aquasec.com/nvd/cve-2023-4641,MEDIUM,passwd,1:4.13+dfsg1-1+b1,
+CVE-2011-3374,https://avd.aquasec.com/nvd/cve-2011-3374,LOW,apt,2.6.1,
+TEMP-0841856-B18BAF,https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF,LOW,bash,5.2.15-2+b7,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,bsdutils,1:2.38.1-5+deb12u1,
+CVE-2016-2781,https://avd.aquasec.com/nvd/cve-2016-2781,LOW,coreutils,9.1-1,
+CVE-2017-18018,https://avd.aquasec.com/nvd/cve-2017-18018,LOW,coreutils,9.1-1,
+CVE-2022-27943,https://avd.aquasec.com/nvd/cve-2022-27943,LOW,gcc-12-base,12.2.0-14,
+CVE-2022-3219,https://avd.aquasec.com/nvd/cve-2022-3219,LOW,gpgv,2.2.40-1.1,
+CVE-2011-3374,https://avd.aquasec.com/nvd/cve-2011-3374,LOW,libapt-pkg6.0,2.6.1,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,libblkid1,2.38.1-5+deb12u1,
+CVE-2010-4756,https://avd.aquasec.com/nvd/cve-2010-4756,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2018-20796,https://avd.aquasec.com/nvd/cve-2018-20796,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2019-1010022,https://avd.aquasec.com/nvd/cve-2019-1010022,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2019-1010023,https://avd.aquasec.com/nvd/cve-2019-1010023,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2019-1010024,https://avd.aquasec.com/nvd/cve-2019-1010024,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2019-1010025,https://avd.aquasec.com/nvd/cve-2019-1010025,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2019-9192,https://avd.aquasec.com/nvd/cve-2019-9192,LOW,libc-bin,2.36-9+deb12u7,
+CVE-2010-4756,https://avd.aquasec.com/nvd/cve-2010-4756,LOW,libc6,2.36-9+deb12u7,
+CVE-2018-20796,https://avd.aquasec.com/nvd/cve-2018-20796,LOW,libc6,2.36-9+deb12u7,
+CVE-2019-1010022,https://avd.aquasec.com/nvd/cve-2019-1010022,LOW,libc6,2.36-9+deb12u7,
+CVE-2019-1010023,https://avd.aquasec.com/nvd/cve-2019-1010023,LOW,libc6,2.36-9+deb12u7,
+CVE-2019-1010024,https://avd.aquasec.com/nvd/cve-2019-1010024,LOW,libc6,2.36-9+deb12u7,
+CVE-2019-1010025,https://avd.aquasec.com/nvd/cve-2019-1010025,LOW,libc6,2.36-9+deb12u7,
+CVE-2019-9192,https://avd.aquasec.com/nvd/cve-2019-9192,LOW,libc6,2.36-9+deb12u7,
+CVE-2023-52426,https://avd.aquasec.com/nvd/cve-2023-52426,LOW,libexpat1,2.5.0-1,
+CVE-2024-28757,https://avd.aquasec.com/nvd/cve-2024-28757,LOW,libexpat1,2.5.0-1,
+CVE-2022-27943,https://avd.aquasec.com/nvd/cve-2022-27943,LOW,libgcc-s1,12.2.0-14,
+CVE-2018-6829,https://avd.aquasec.com/nvd/cve-2018-6829,LOW,libgcrypt20,1.10.1-3,
+CVE-2011-3389,https://avd.aquasec.com/nvd/cve-2011-3389,LOW,libgnutls30,3.7.9-2+deb12u3,
+CVE-2018-5709,https://avd.aquasec.com/nvd/cve-2018-5709,LOW,libgssapi-krb5-2,1.20.1-2+deb12u2,
+CVE-2018-5709,https://avd.aquasec.com/nvd/cve-2018-5709,LOW,libk5crypto3,1.20.1-2+deb12u2,
+CVE-2018-5709,https://avd.aquasec.com/nvd/cve-2018-5709,LOW,libkrb5-3,1.20.1-2+deb12u2,
+CVE-2018-5709,https://avd.aquasec.com/nvd/cve-2018-5709,LOW,libkrb5support0,1.20.1-2+deb12u2,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,libmount1,2.38.1-5+deb12u1,
+CVE-2023-45918,https://avd.aquasec.com/nvd/cve-2023-45918,LOW,libncursesw6,6.4-4,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,libsmartcols1,2.38.1-5+deb12u1,
+CVE-2021-45346,https://avd.aquasec.com/nvd/cve-2021-45346,LOW,libsqlite3-0,3.40.1-2,
+CVE-2024-2511,https://avd.aquasec.com/nvd/cve-2024-2511,LOW,libssl3,3.0.13-1~deb12u1,
+CVE-2022-27943,https://avd.aquasec.com/nvd/cve-2022-27943,LOW,libstdc++6,12.2.0-14,
+CVE-2013-4392,https://avd.aquasec.com/nvd/cve-2013-4392,LOW,libsystemd0,252.26-1~deb12u2,
+CVE-2023-31437,https://avd.aquasec.com/nvd/cve-2023-31437,LOW,libsystemd0,252.26-1~deb12u2,
+CVE-2023-31438,https://avd.aquasec.com/nvd/cve-2023-31438,LOW,libsystemd0,252.26-1~deb12u2,
+CVE-2023-31439,https://avd.aquasec.com/nvd/cve-2023-31439,LOW,libsystemd0,252.26-1~deb12u2,
+CVE-2023-45918,https://avd.aquasec.com/nvd/cve-2023-45918,LOW,libtinfo6,6.4-4,
+CVE-2013-4392,https://avd.aquasec.com/nvd/cve-2013-4392,LOW,libudev1,252.26-1~deb12u2,
+CVE-2023-31437,https://avd.aquasec.com/nvd/cve-2023-31437,LOW,libudev1,252.26-1~deb12u2,
+CVE-2023-31438,https://avd.aquasec.com/nvd/cve-2023-31438,LOW,libudev1,252.26-1~deb12u2,
+CVE-2023-31439,https://avd.aquasec.com/nvd/cve-2023-31439,LOW,libudev1,252.26-1~deb12u2,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,libuuid1,2.38.1-5+deb12u1,
+CVE-2007-5686,https://avd.aquasec.com/nvd/cve-2007-5686,LOW,login,1:4.13+dfsg1-1+b1,
+CVE-2019-19882,https://avd.aquasec.com/nvd/cve-2019-19882,LOW,login,1:4.13+dfsg1-1+b1,
+CVE-2023-29383,https://avd.aquasec.com/nvd/cve-2023-29383,LOW,login,1:4.13+dfsg1-1+b1,
+TEMP-0628843-DBAD28,https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28,LOW,login,1:4.13+dfsg1-1+b1,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,mount,2.38.1-5+deb12u1,
+CVE-2023-45918,https://avd.aquasec.com/nvd/cve-2023-45918,LOW,ncurses-base,6.4-4,
+CVE-2023-45918,https://avd.aquasec.com/nvd/cve-2023-45918,LOW,ncurses-bin,6.4-4,
+CVE-2024-2511,https://avd.aquasec.com/nvd/cve-2024-2511,LOW,openssl,3.0.13-1~deb12u1,
+CVE-2007-5686,https://avd.aquasec.com/nvd/cve-2007-5686,LOW,passwd,1:4.13+dfsg1-1+b1,
+CVE-2019-19882,https://avd.aquasec.com/nvd/cve-2019-19882,LOW,passwd,1:4.13+dfsg1-1+b1,
+CVE-2023-29383,https://avd.aquasec.com/nvd/cve-2023-29383,LOW,passwd,1:4.13+dfsg1-1+b1,
+TEMP-0628843-DBAD28,https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28,LOW,passwd,1:4.13+dfsg1-1+b1,
+CVE-2011-4116,https://avd.aquasec.com/nvd/cve-2011-4116,LOW,perl-base,5.36.0-7+deb12u1,
+CVE-2023-31486,https://avd.aquasec.com/nvd/cve-2023-31486,LOW,perl-base,5.36.0-7+deb12u1,
+TEMP-0517018-A83CE6,https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6,LOW,sysvinit-utils,3.06-4,
+CVE-2005-2541,https://avd.aquasec.com/nvd/cve-2005-2541,LOW,tar,1.34+dfsg-1.2+deb12u1,
+TEMP-0290435-0B57B5,https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5,LOW,tar,1.34+dfsg-1.2+deb12u1,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,util-linux,2.38.1-5+deb12u1,
+CVE-2022-0563,https://avd.aquasec.com/nvd/cve-2022-0563,LOW,util-linux-extra,2.38.1-5+deb12u1,