There is a security vulnerability in SSH key-generation using GitKraken < v8.0.1. If you used this tool to create SSH keys, please update GitKraken and regenerate. If you need help with this, contact forum-support@opengroup.org

Commit e4c51bee authored by MANISH KUMAR's avatar MANISH KUMAR
Browse files

Java harden container and generate preaggregation metrices

parent f4cc1507
Pipeline #37916 passed with stage
in 10 seconds
...@@ -20,6 +20,7 @@ ...@@ -20,6 +20,7 @@
# AZURE_SUBSCRIPTION_ID (Protected Branch) # AZURE_SUBSCRIPTION_ID (Protected Branch)
# AZURE_SUBSCRIPTION_NAME (Protected Branch) # AZURE_SUBSCRIPTION_NAME (Protected Branch)
# AZURE_TENANT_ID (Protected Branch) # AZURE_TENANT_ID (Protected Branch)
# AZURE_APPINSIGHTS_KEY (Protected Branch/Masked Variable)
# EXPECTED PIPELINE VARIABLES # EXPECTED PIPELINE VARIABLES
# -------------------------------------------------------------------------------- # --------------------------------------------------------------------------------
...@@ -66,6 +67,7 @@ ...@@ -66,6 +67,7 @@
AZURE_AD_USER_OID: 469e9c25-ad0b-42e3-b023-03814437b21e AZURE_AD_USER_OID: 469e9c25-ad0b-42e3-b023-03814437b21e
AZURE_AD_GUEST_EMAIL: integration.test@email.com AZURE_AD_GUEST_EMAIL: integration.test@email.com
AZURE_AD_GUEST_OID: 4cf85597-116b-4aa5-bf03-7665a5b14ed5 AZURE_AD_GUEST_OID: 4cf85597-116b-4aa5-bf03-7665a5b14ed5
AZURE_AD_APPINSIGHTS_KEY: AZURE_APPINSIGHTS_KEY
# Legal Section # Legal Section
HOST_URL: https://${AZURE_DNS_NAME}/api/legal/v1/ HOST_URL: https://${AZURE_DNS_NAME}/api/legal/v1/
AZURE_LEGAL_STORAGE_ACCOUNT: ${AZURE_BASE}data AZURE_LEGAL_STORAGE_ACCOUNT: ${AZURE_BASE}data
...@@ -142,11 +144,13 @@ azure_containerize: ...@@ -142,11 +144,13 @@ azure_containerize:
script: script:
# Dockerfile # Dockerfile
- | - |
echo 'FROM openjdk:8-jdk-alpine echo 'FROM community.opengroup.org:5555/osdu/platform/deployment-and-operations/base-containers-azure/alpine-zulu8:0.0.1
VOLUME /tmp VOLUME /tmp
ARG JAR_FILE ARG JAR_FILE
ARG APPINSIGHTS_KEY
ENV APPLICATIONINSIGHTS_CONNECTION_STRING=${APPINSIGHTS_KEY}
COPY ${JAR_FILE} app.jar COPY ${JAR_FILE} app.jar
ENTRYPOINT ["java","-jar","/app.jar"]' > Dockerfile ENTRYPOINT ["java","-jar","-javaagent:/opt/agents/applicationinsights-agent-${AGENT_VERSION}.jar","/app.jar"]' > Dockerfile
- | - |
if [ "$AZURE_SERVICE" == "entitlements" ]; then if [ "$AZURE_SERVICE" == "entitlements" ]; then
TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*.jar' |head -n 1) TARGET=$(find ./$AZURE_BUILD_SUBDIR/target -name '*.jar' |head -n 1)
...@@ -156,7 +160,7 @@ azure_containerize: ...@@ -156,7 +160,7 @@ azure_containerize:
# Gitlab Container Registry # Gitlab Container Registry
- echo "Startup Jar is $TARGET" - echo "Startup Jar is $TARGET"
- docker build --build-arg JAR_FILE=$TARGET -t $CI_REGISTRY_IMAGE/$SHA_IMAGE . - docker build --build-arg JAR_FILE=$TARGET --build-arg APPINSIGHTS_KEY=$AZURE_AD_APPINSIGHTS_KEY -t $CI_REGISTRY_IMAGE/$SHA_IMAGE .
- docker push ${CI_REGISTRY_IMAGE}/$SHA_IMAGE - docker push ${CI_REGISTRY_IMAGE}/$SHA_IMAGE
- docker tag $CI_REGISTRY_IMAGE/$SHA_IMAGE $CI_REGISTRY_IMAGE/$LATEST_IMAGE - docker tag $CI_REGISTRY_IMAGE/$SHA_IMAGE $CI_REGISTRY_IMAGE/$LATEST_IMAGE
- docker push ${CI_REGISTRY_IMAGE}/$LATEST_IMAGE - docker push ${CI_REGISTRY_IMAGE}/$LATEST_IMAGE
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment