Release #146
base: master
In order to move the pic-sure-auth-micro-app to its own container I did the following:
- Update HTTPD networking to redirect PSAMA request to the PSAMA container.
- Added a new `.env` file that is passed to PSAMA as part of the build.
- Updated the configuration pipeline to set values in the PSAMA `.env` file.
- Removed PSAMA from WildFly database configuration.
- Added necessary docker commands to both the `start-picsure.sh` and `stop-picsure.sh`.
The commit updates several .env variable names and values for a clearer and more accurate configuration. The changes include renaming CLIENT_ID and CLIENT_SECRET to be in line with Application Properties. The flag to determine if secret is base64 is also added. In addition, a boolean flag is utilized to enable the use of Auth0 IDP Provider instead of setting the provider's name directly.
This commit introduces three Jenkins jobs related to the PIC-SURE Auth Micro-App; one for building and deploying the application, one for uploading updated configurations, and one for downloading the current configuration file.
- include a useful default value if the DOCKER_CONFIG_DIR environment variable isn't already set.
- Build dict
- Deploy dict
- Add to c4u pipeline
- Add new tab for Dictionary

- start changes
- stop changes
- upload env file
* Copy global maven settings to be used in container build
)

* Add scripts for MySQL config and Auth0 integration

  Enhanced MySQL instance configuration with additional JDBC replacement commands in `config.xml` files. Introduced a new job for exporting Jenkins build configurations with archiving functionality. Updated the Auth0 integration script to include replacements for client secret, client ID, and tenant.

* Update Docker MySQL volume paths to use configuration directory

  Changed all paths for the MySQL Docker volume from `/root/.my.cnf` to `$DOCKER_CONFIG_DIR/.my.cnf` across multiple Jenkins jobs. This improves the maintenance and flexibility of the project's configuration files.

* Update MySQL configuration directory usage

  Changed references from $DOCKER_CONFIG_DIR to $MYSQL_CONFIG_DIR across multiple Jenkins job config files and setup scripts to better organize and separate MySQL-specific configurations. This improves clarity and management of MySQL configuration settings.

* Add script to reset development environment

  This script stops running services, prunes Docker images, and clears configuration directories. It ensures no critical directories are set incorrectly and resets specific paths with proper permissions.

* Update config.xml in Jenkins pipelines to fix array syntax

  Added missing commas in the build_hashes array for three Jenkins pipeline configurations. This ensures proper syntax and prevents potential issues during pipeline execution.

* Update README for additional MySQL config directory parameter

  Adjusted the install command to include a MySQL config directory. Updated documentation to reflect the new `MYSQL_CONFIG_DIR` variable, clarifying its usage and importance.

* Ignore and remove sensitive temp files

  Added 'pass.tmp' and 'initial-configuration/pass.tmp' to .gitignore to avoid accidental commits of sensitive files. Deleted the existing 'initial-configuration/pass.tmp' file from the repository.

* Refactor MySQL connection settings in config.xml

  Removed unnecessary MySQL connection string replacement for 'picsure' in psama/.env and 'auth' in wildfly/standalone.xml.

* Update MySQL config directory in Jenkins and install script

  Changed the MySQL configuration directory path from `/root/` to `/usr/local/docker-config/picsure-db/` in the Jenkins config file and the install dependencies script.
GitGuardian id | GitGuardian status | Secret | Commit | Filename
---|---|---|---|---
2485151 | Triggered | Generic Password | 811f769 | initial-configuration/jenkins/jenkins-docker/jobs/Configure Remote MySQL Instance/config.xml
2485151 | Triggered | Generic Password | 811f769 | initial-configuration/jenkins/jenkins-docker/jobs/Configure Remote MySQL Instance/config.xml
2485151 | Triggered | Generic Password | 300bd7b | initial-configuration/jenkins/jenkins-docker/jobs/Configure Remote MySQL Instance/config.xml
2485151 | Triggered | Generic Password | 300bd7b | initial-configuration/jenkins/jenkins-docker/jobs/Configure Remote MySQL Instance/config.xml
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices. AWS Best Practice
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Updated the name of the Jenkins job from 'PIC-SURE Auth Micro-App Build' to 'PIC-SURE Auth Micro-App Build - Jenkinsfile' in the pipeline configuration. This ensures alignment with the correct job naming conventions.
* Add openAccess configuration properties
- Bump jenkins version
- Fix Update User Token job to work with psama >=3.2.x
- Long awaited fix to persist DOCKER_CONFIG_DIR, and MYSQL_NETWORK vars through restart

…_CONFIG_DIR
- Adjust start script
- Fix DOCKER_CONFIG_DIR bug in start script
- Add migration script

* Init new UI
* Set repo by default
* clean up migration stuff, remove old ui
* remove old mounts

- Remove build and deploy microservice
- Add Build and Deploy job for uploader
- Move Uploader .env logic
- Add to build pipeline
No description provided.