Skip to content

Commit

Permalink
[ansible/artifactory] JA-7492- Fixed a security issue whereby, intera…
Browse files Browse the repository at this point in the history
…cting with specially c… (#356)

* JA-7492- Fixed a security issue whereby, interacting with specially crafted URLs could lead to exposure of sensitive information.

* Version 7.71.8 of Artifactory

* Determine the running_version and compare to desired artifactory_version

* compare stdout wihtout newline. changed_when: false for read operation.
  • Loading branch information
bbaassssiiee authored Dec 21, 2023
1 parent b25114f commit 506510c
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 4 deletions.
3 changes: 3 additions & 0 deletions Ansible/ansible_collections/jfrog/platform/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
# JFrog Platform Ansible Collection Changelog
All changes to this collection will be documented in this file.

## [10.16.4] - Dec 18, 2023
* Changed default Artifactory version to 7.71.8

## [10.16.3] - Dec 6, 2023
* Added How to avoid IPv6 binding in Readme [GH-349](https://github.com/jfrog/JFrog-Cloud-Installers/pull/349)
* Product Updates/fixes
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# Defaults file for artifactory

# The version of artifactory to install
artifactory_version: 7.71.5
artifactory_version: 7.71.8

# Set this to true when SSL is enabled (to use artifactory_nginx_ssl role), default to false (implies artifactory uses artifactory_nginx role )
artifactory_nginx_ssl_enabled: false
Expand Down Expand Up @@ -112,4 +112,4 @@ artifactory_binarystore: |-
artifactory_systemyaml_override: false

# Allow artifactory user to create crontab rules
artifactory_allow_crontab: false
artifactory_allow_crontab: false
Original file line number Diff line number Diff line change
Expand Up @@ -56,17 +56,28 @@
path: "{{ jfrog_home_directory }}"
state: directory

- name: Check artifactory version
ansible.builtin.shell: |
set -o pipefail;
grep artifactory.product.version "{{ artifactory_home }}/app/artifactory.product.version.properties" |cut -d= -f2
register: check_version_cmd
changed_when: false

- name: Set running_version
ansible.builtin.set_fact:
running_version: "{{ check_version_cmd.stdout }}"

- name: Delete artifactory app directory
become: true
ansible.builtin.file:
path: "{{ artifactory_home }}/app"
state: absent
when: (download_artifactory.changed) or (unarchived_artifactory.changed)
when: running_version != artifactory_version

- name: Copy new app to artifactory app
become: true
ansible.builtin.command: "cp -r {{ artifactory_untar_home }}/app/. {{ artifactory_home }}/app"
when: (download_artifactory.changed) or (unarchived_artifactory.changed)
when: running_version != artifactory_version
notify: Restart artifactory

- name: Configure artifactory license(s)
Expand Down

0 comments on commit 506510c

Please sign in to comment.