fab-manager/scripts/cve-2021-44228.sh

#!/usr/bin/env bash

# This script fixes the log4j CVE-2021-44228 vulnerability for instances using Elasticsearch 5.x

yq() {
  docker run --rm -i -v "${PWD}:/workdir" mikefarah/yq:4 "$@"
}

config() {
  SERVICE="$(yq eval '.services.*.image | select(. == "elasticsearch:5*") | path | .[-2]' docker-compose.yml)"
  if [ -z "$SERVICE" ]; then
    echo "No Elasticsearch 5 image found in docker-compose.yml"
    exit 0
  fi
}

add_var() {
  yq eval ".services.$SERVICE.environment += \"ES_JAVA_OPTS=-Dlog4j2.formatMsgNoLookups=true\"" docker-compose.yml
}

proceed()
{
  config
  add_var
}

proceed "$@"
(security) log4j vulneralility cve-2021-44228 2022-03-21 10:54:16 +01:00			`#!/usr/bin/env bash`

			`# This script fixes the log4j CVE-2021-44228 vulnerability for instances using Elasticsearch 5.x`

			`yq() {`
			`docker run --rm -i -v "${PWD}:/workdir" mikefarah/yq:4 "$@"`
			`}`

			`config() {`
			`SERVICE="$(yq eval '.services..image \| select(. == "elasticsearch:5") \| path \| .[-2]' docker-compose.yml)"`
			`if [ -z "$SERVICE" ]; then`
			`echo "No Elasticsearch 5 image found in docker-compose.yml"`
			`exit 0`
			`fi`
			`}`

			`add_var() {`
			`yq eval ".services.$SERVICE.environment += \"ES_JAVA_OPTS=-Dlog4j2.formatMsgNoLookups=true\"" docker-compose.yml`
			`}`

			`proceed()`
			`{`
			`config`
			`add_var`
			`}`

			`proceed "$@"`