Exercise - Fixing the Vulnerability

According to the remediation, we need to fix the PrimeFaces dependency and update it from version 6.1 to 6.2.

Let us pretend the developer fixed it and checked it in, coming back into the pipeline. This is done by changing.

~/environment/aws-modernization-workshop/modules/containerize-application/app/pom.xml

Changing:

<version.primefaces>6.1</version.primefaces>

To:

<version.primefaces>6.2</version.primefaces>

Run this command to copy over our fixed version in the lab:

cp modules/snyk/pom.xml modules/containerize-application/app/

Save changes:

git commit -am "Fix vulnerable open source dep."

Push:

git push -f codecommit master

This time check Code Builder and we see it succeeded.

Tested 37 dependencies for known vulnerabilities, no vulnerable paths found.
Next steps:
- Run `snyk monitor` to be notified about new related vulnerabilities.

The vulnerability is fixed and the build succeeded!

Next, we also see Snyk successfully scanned the Docker Image and there were no package dependency issues with our Docker container!

Container] 2018/11/09 03:54:14 Running command $PWDUTILS/snyk test --docker $REPOSITORY_URI:latest
Testing 300326902600.dkr.ecr.us-west-2.amazonaws.com/petstore_frontend:latest...
Organisation: sample-integrations
Package manager: rpm
Docker image: 300326902600.dkr.ecr.us-west-2.amazonaws.com/petstore_frontend:latest
✓ Tested 190 dependencies for known vulnerabilities, no vulnerable paths found.