Commit 65f73b29 authored by Yunhua Koglin's avatar Yunhua Koglin
Browse files

Merge remote-tracking branch 'origin/master' into dev

parents 42bb8518 fae8296d
......@@ -5,6 +5,8 @@ variables:
PORT: 80
REPLICA: 1
UTEST_RUNTIME_IMAGE: seistore-svc-runtime
SDMS_MIN_REPLICAS: 1
SDMS_MAX_REPLICAS: 5
#aws variables
AWS_SERVICE: seismic-store
......@@ -34,7 +36,7 @@ variables:
OSDU_GCP_APPLICATION: seismic-store
OSDU_GCP_ENTITLEMENT_BASE_URL_PATH: /entitlements/v2
OSDU_GCP_DATA_PARTITION_REST_HEADER_KEY: data-partition-id
OSDU_GCP_DES_SERVICE_HOST_COMPLIANCE: https://os-legal-attcrcktoa-uc.a.run.app/api
OSDU_GCP_DES_SERVICE_HOST_COMPLIANCE: https://community.osdu-gcp.go3-nrg.projects.epam.com/api
OSDU_GCP_DES_SERVICE_HOST_STORAGE: https://os-storage-attcrcktoa-uc.a.run.app/api
OSDU_GCP_ENV_VARS: CLOUDPROVIDER=${OSDU_GCP_CLOUD_PROVIDER},DES_SERVICE_HOST_PARTITION=${OSDU_GCP_PARTITION_API},ENTITLEMENT_BASE_URL_PATH=${OSDU_GCP_ENTITLEMENT_BASE_URL_PATH},DATA_PARTITION_REST_HEADER_KEY=${OSDU_GCP_DATA_PARTITION_REST_HEADER_KEY},DES_SERVICE_HOST_STORAGE=${OSDU_GCP_DES_SERVICE_HOST_STORAGE},DES_SERVICE_HOST_COMPLIANCE=${OSDU_GCP_DES_SERVICE_HOST_COMPLIANCE},SEISTORE_DES_TARGET_AUDIENCE=${GOOGLE_AUDIENCE},SERVICE_CLOUD_PROJECT=${OSDU_GCP_PROJECT},APP_ENVIRONMENT_IDENTIFIER=${TENANT},IMP_SERVICE_ACCOUNT_SIGNER=${OSDU_GCP_IMP_SERVICE_ACCOUNT_SIGNER},DES_SERVICE_HOST_ENTITLEMENT=${OSDU_GCP_ENTITLEMENTS_V2_BASE_URL},SEISTORE_DES_APPKEY=${OSDU_GCP_SEISTORE_DES_APPKEY},DES_REDIS_INSTANCE_ADDRESS=${OSDU_GCP_DES_REDIS_INSTANCE_ADDRESS},DES_REDIS_INSTANCE_PORT=${OSDU_GCP_DES_REDIS_INSTANCE_PORT},LOCKSMAP_REDIS_INSTANCE_ADDRESS=${OSDU_GCP_LOCKSMAP_REDIS_INSTANCE_ADDRESS} --vpc-connector=$OSDU_GCP_VPC_CONNECTOR
......@@ -52,6 +54,9 @@ include:
# lint
- local: "/devops/osdu/scanners/lint-node.yml"
# scan for secrets
- local: "/devops/osdu/scanners/scan-for-secrets-node.yml"
# containerize
- project: "osdu/platform/ci-cd-pipelines"
......@@ -91,3 +96,20 @@ osdu-gcp-test-python:
only:
variables:
- $OSDU_GCP == 'true' && $OSDU_GCP_INT_TEST_TYPE == 'python'
osdu-gcp-containerize-gitlab:
stage: containerize
needs: ["compile-and-unit-test"]
tags: ["osdu-medium"]
extends: .osdu-gcp-variables
image: docker:19.03
cache: {}
allow_failure: true
script:
- export EXTRA_DOCKER_TAG=""; if [ "$CI_COMMIT_TAG" != "" ] ; then EXTRA_DOCKER_TAG="-t $CI_REGISTRY_IMAGE/osdu-gcp:$CI_COMMIT_TAG" ; elif [ "$CI_COMMIT_REF_NAME" = "master" ] ; then EXTRA_DOCKER_TAG="-t $CI_REGISTRY_IMAGE/osdu-gcp:latest" ; fi
- docker build -t $CI_REGISTRY_IMAGE/osdu-gcp:$CI_COMMIT_SHORT_SHA $EXTRA_DOCKER_TAG --file docker/runtime.Dockerfile .
- docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
- docker push $CI_REGISTRY_IMAGE/osdu-gcp
only:
variables:
- $OSDU_GCP == 'true'
......@@ -90,7 +90,7 @@ The following software have components provided under the terms of this license:
- jmespath (from https://www.npmjs.com/package/jmespath)
- jwtproxy (from https://www.npmjs.com/package/jwtproxy)
- keycloak-admin (from https://www.npmjs.com/package/keycloak-admin)
- log4js (from https://github.com/nomiddlename/log4js-node)
- log4js (from https://www.npmjs.com/package/log4js)
- long (from https://www.npmjs.com/package/long)
- mime-db (from https://www.npmjs.com/package/mime-db)
- mime-db (from https://www.npmjs.com/package/mime-db)
......@@ -100,7 +100,7 @@ The following software have components provided under the terms of this license:
- python-dateutil (from https://dateutil.readthedocs.org)
- rc (from https://www.npmjs.com/package/rc)
- request (from https://www.npmjs.com/package/request)
- requests (from http://python-requests.org)
- requests (from https://requests.readthedocs.io)
- s3transfer (from https://github.com/boto/s3transfer)
- swagger-ui-dist (from https://www.npmjs.com/package/swagger-ui-dist)
- teeny-request (from https://www.npmjs.com/package/teeny-request)
......@@ -121,11 +121,11 @@ BSD-2-Clause
The following software have components provided under the terms of this license:
- ajv (from https://www.npmjs.com/package/ajv)
- async-listener (from https://github.com/othiym23/async-listener#readme)
- async-listener (from https://www.npmjs.com/package/async-listener)
- bcrypt-pbkdf (from https://www.npmjs.com/package/bcrypt-pbkdf)
- cls-hooked (from https://www.npmjs.com/package/cls-hooked)
- configstore (from https://www.npmjs.com/package/configstore)
- continuation-local-storage (from https://github.com/othiym23/node-continuation-local-storage#readme)
- continuation-local-storage (from https://www.npmjs.com/package/continuation-local-storage)
- docutils (from http://docutils.sourceforge.net/)
- dotenv (from https://www.npmjs.com/package/dotenv)
- emitter-listener (from https://github.com/othiym23/emitter-listener)
......@@ -164,14 +164,14 @@ The following software have components provided under the terms of this license:
- @protobufjs/path (from https://www.npmjs.com/package/@protobufjs/path)
- @protobufjs/pool (from https://www.npmjs.com/package/@protobufjs/pool)
- @protobufjs/utf8 (from https://www.npmjs.com/package/@protobufjs/utf8)
- async-listener (from https://github.com/othiym23/async-listener#readme)
- async-listener (from https://www.npmjs.com/package/async-listener)
- aws-sdk (from https://www.npmjs.com/package/aws-sdk)
- bcrypt-pbkdf (from https://www.npmjs.com/package/bcrypt-pbkdf)
- buffer-equal-constant-time (from https://www.npmjs.com/package/buffer-equal-constant-time)
- cls-hooked (from https://www.npmjs.com/package/cls-hooked)
- cluster-key-slot (from https://www.npmjs.com/package/cluster-key-slot)
- configstore (from https://www.npmjs.com/package/configstore)
- continuation-local-storage (from https://github.com/othiym23/node-continuation-local-storage#readme)
- continuation-local-storage (from https://www.npmjs.com/package/continuation-local-storage)
- cryptography (from https://github.com/pyca/cryptography)
- docutils (from http://docutils.sourceforge.net/)
- google-gax (from https://www.npmjs.com/package/google-gax)
......@@ -280,7 +280,7 @@ The following software have components provided under the terms of this license:
- inherits (from https://www.npmjs.com/package/inherits)
- inherits (from https://www.npmjs.com/package/inherits)
- ini (from https://www.npmjs.com/package/ini)
- isexe (from https://github.com/isaacs/isexe#readme)
- isexe (from https://www.npmjs.com/package/isexe)
- json-stringify-safe (from https://github.com/isaacs/json-stringify-safe)
- jwtproxy (from https://www.npmjs.com/package/jwtproxy)
- lockfile (from https://www.npmjs.com/package/lockfile)
......@@ -297,14 +297,14 @@ The following software have components provided under the terms of this license:
- npm-packlist (from https://www.npmjs.com/package/npm-packlist)
- npmlog (from https://www.npmjs.com/package/npmlog)
- once (from https://github.com/isaacs/once#readme)
- osenv (from https://github.com/npm/osenv#readme)
- osenv (from https://www.npmjs.com/package/osenv)
- pseudomap (from https://www.npmjs.com/package/pseudomap)
- request-promise (from https://github.com/request/request-promise)
- request-promise (from https://www.npmjs.com/package/request-promise)
- request-promise-core (from https://www.npmjs.com/package/request-promise-core)
- require-main-filename (from https://www.npmjs.com/package/require-main-filename)
- rimraf (from https://www.npmjs.com/package/rimraf)
- sax (from https://github.com/isaacs/sax-js#readme)
- sax (from https://github.com/isaacs/sax-js#readme)
- sax (from https://www.npmjs.com/package/sax)
- sax (from https://www.npmjs.com/package/sax)
- semver (from https://www.npmjs.com/package/semver)
- semver (from https://www.npmjs.com/package/semver)
- semver (from https://www.npmjs.com/package/semver)
......@@ -395,9 +395,9 @@ The following software have components provided under the terms of this license:
- PyJWT (from http://github.com/jpadilla/pyjwt)
- abbrev (from https://www.npmjs.com/package/abbrev)
- abort-controller (from https://www.npmjs.com/package/abort-controller)
- accepts (from https://github.com/jshttp/accepts)
- accepts (from https://www.npmjs.com/package/accepts)
- adal (from https://github.com/AzureAD/azure-activedirectory-library-for-python)
- agent-base (from https://github.com/TooTallNate/node-agent-base#readme)
- agent-base (from https://www.npmjs.com/package/agent-base)
- ajv (from https://www.npmjs.com/package/ajv)
- ansi-regex (from https://www.npmjs.com/package/ansi-regex)
- ansi-regex (from https://www.npmjs.com/package/ansi-regex)
......@@ -422,11 +422,11 @@ The following software have components provided under the terms of this license:
- balanced-match (from https://www.npmjs.com/package/balanced-match)
- base64-js (from https://www.npmjs.com/package/base64-js)
- bcrypt-pbkdf (from https://www.npmjs.com/package/bcrypt-pbkdf)
- bignumber.js (from https://github.com/MikeMcl/bignumber.js#readme)
- bignumber.js (from https://www.npmjs.com/package/bignumber.js)
- bluebird (from https://www.npmjs.com/package/bluebird)
- body-parser (from https://www.npmjs.com/package/body-parser)
- botocore (from https://github.com/boto/botocore)
- brace-expansion (from https://github.com/juliangruber/brace-expansion)
- brace-expansion (from https://www.npmjs.com/package/brace-expansion)
- browser-request (from http://github.com/iriscouch/browser-request)
- buffer (from https://www.npmjs.com/package/buffer)
- buffer-from (from https://www.npmjs.com/package/buffer-from)
......@@ -458,7 +458,7 @@ The following software have components provided under the terms of this license:
- console-control-strings (from https://www.npmjs.com/package/console-control-strings)
- console-log-level (from https://www.npmjs.com/package/console-log-level)
- content-disposition (from https://www.npmjs.com/package/content-disposition)
- content-type (from https://github.com/jshttp/content-type)
- content-type (from https://www.npmjs.com/package/content-type)
- cookie (from https://www.npmjs.com/package/cookie)
- cookie-signature (from https://github.com/visionmedia/node-cookie-signature)
- copyfiles (from https://www.npmjs.com/package/copyfiles)
......@@ -491,13 +491,13 @@ The following software have components provided under the terms of this license:
- dot-prop (from https://www.npmjs.com/package/dot-prop)
- dot-prop (from https://www.npmjs.com/package/dot-prop)
- duplexify (from https://www.npmjs.com/package/duplexify)
- ecc-jsbn (from https://github.com/quartzjer/ecc-jsbn)
- ecc-jsbn (from https://www.npmjs.com/package/ecc-jsbn)
- ee-first (from https://github.com/jonathanong/ee-first)
- emoji-regex (from https://www.npmjs.com/package/emoji-regex)
- enabled (from https://www.npmjs.com/package/enabled)
- encodeurl (from https://www.npmjs.com/package/encodeurl)
- end-of-stream (from https://github.com/mafintosh/end-of-stream)
- ent (from https://github.com/substack/node-ent)
- end-of-stream (from https://www.npmjs.com/package/end-of-stream)
- ent (from https://www.npmjs.com/package/ent)
- errs (from https://www.npmjs.com/package/errs)
- es-abstract (from https://www.npmjs.com/package/es-abstract)
- es-abstract (from https://www.npmjs.com/package/es-abstract)
......@@ -511,7 +511,7 @@ The following software have components provided under the terms of this license:
- execa (from https://www.npmjs.com/package/execa)
- express (from https://www.npmjs.com/package/express)
- extend (from https://www.npmjs.com/package/extend)
- extsprintf (from https://github.com/davepacheco/node-extsprintf)
- extsprintf (from https://www.npmjs.com/package/extsprintf)
- fast-deep-equal (from https://www.npmjs.com/package/fast-deep-equal)
- fast-json-stable-stringify (from https://www.npmjs.com/package/fast-json-stable-stringify)
- fast-safe-stringify (from https://www.npmjs.com/package/fast-safe-stringify)
......@@ -554,7 +554,7 @@ The following software have components provided under the terms of this license:
- gtoken (from https://www.npmjs.com/package/gtoken)
- har-schema (from https://www.npmjs.com/package/har-schema)
- har-validator (from https://www.npmjs.com/package/har-validator)
- has (from https://github.com/tarruda/has)
- has (from https://www.npmjs.com/package/has)
- has-flag (from https://www.npmjs.com/package/has-flag)
- has-symbols (from https://www.npmjs.com/package/has-symbols)
- has-unicode (from https://www.npmjs.com/package/has-unicode)
......@@ -562,7 +562,7 @@ The following software have components provided under the terms of this license:
- http-errors (from https://www.npmjs.com/package/http-errors)
- http-proxy-agent (from https://www.npmjs.com/package/http-proxy-agent)
- http-signature (from https://www.npmjs.com/package/http-signature)
- https-proxy-agent (from https://github.com/TooTallNate/node-https-proxy-agent#readme)
- https-proxy-agent (from https://www.npmjs.com/package/https-proxy-agent)
- iconv-lite (from https://www.npmjs.com/package/iconv-lite)
- ignore-walk (from https://www.npmjs.com/package/ignore-walk)
- imurmurhash (from https://www.npmjs.com/package/imurmurhash)
......@@ -571,7 +571,7 @@ The following software have components provided under the terms of this license:
- inherits (from https://www.npmjs.com/package/inherits)
- ini (from https://www.npmjs.com/package/ini)
- ioredis (from https://www.npmjs.com/package/ioredis)
- ipaddr.js (from https://github.com/whitequark/ipaddr.js/issues)
- ipaddr.js (from https://www.npmjs.com/package/ipaddr.js)
- is (from https://github.com/enricomarino/is)
- is-arrayish (from https://www.npmjs.com/package/is-arrayish)
- is-buffer (from https://www.npmjs.com/package/is-buffer)
......@@ -590,9 +590,9 @@ The following software have components provided under the terms of this license:
- is-stream-ended (from https://www.npmjs.com/package/is-stream-ended)
- is-symbol (from https://www.npmjs.com/package/is-symbol)
- is-typedarray (from https://github.com/hughsk/is-typedarray)
- isarray (from https://github.com/juliangruber/isarray)
- isarray (from https://github.com/juliangruber/isarray)
- isexe (from https://github.com/isaacs/isexe#readme)
- isarray (from https://www.npmjs.com/package/isarray)
- isarray (from https://www.npmjs.com/package/isarray)
- isexe (from https://www.npmjs.com/package/isexe)
- isstream (from https://github.com/rvagg/isstream)
- jmespath (from https://www.npmjs.com/package/jmespath)
- jmespath (from https://github.com/jmespath/jmespath.py)
......@@ -655,14 +655,14 @@ The following software have components provided under the terms of this license:
- module-details-from-path (from https://www.npmjs.com/package/module-details-from-path)
- moment (from https://www.npmjs.com/package/moment)
- moment-timezone (from https://www.npmjs.com/package/moment-timezone)
- ms (from https://github.com/guille/ms.js)
- ms (from https://github.com/guille/ms.js)
- ms (from https://github.com/guille/ms.js)
- ms (from https://www.npmjs.com/package/ms)
- ms (from https://www.npmjs.com/package/ms)
- ms (from https://www.npmjs.com/package/ms)
- msal (from https://www.npmjs.com/package/msal)
- nan (from https://www.npmjs.com/package/nan)
- needle (from https://www.npmjs.com/package/needle)
- needle (from https://www.npmjs.com/package/needle)
- negotiator (from https://github.com/jshttp/negotiator)
- negotiator (from https://www.npmjs.com/package/negotiator)
- nice-try (from https://www.npmjs.com/package/nice-try)
- node-abort-controller (from https://www.npmjs.com/package/node-abort-controller)
- node-fetch (from https://www.npmjs.com/package/node-fetch)
......@@ -690,7 +690,7 @@ The following software have components provided under the terms of this license:
- os-homedir (from https://github.com/sindresorhus/os-homedir)
- os-name (from https://www.npmjs.com/package/os-name)
- os-tmpdir (from https://github.com/sindresorhus/os-tmpdir)
- osenv (from https://github.com/npm/osenv#readme)
- osenv (from https://www.npmjs.com/package/osenv)
- p-defer (from https://www.npmjs.com/package/p-defer)
- p-finally (from https://www.npmjs.com/package/p-finally)
- p-limit (from https://www.npmjs.com/package/p-limit)
......@@ -708,7 +708,7 @@ The following software have components provided under the terms of this license:
- performance-now (from https://www.npmjs.com/package/performance-now)
- priorityqueuejs (from https://www.npmjs.com/package/priorityqueuejs)
- process (from https://www.npmjs.com/package/process)
- process-nextick-args (from https://github.com/calvinmetcalf/process-nextick-args)
- process-nextick-args (from https://www.npmjs.com/package/process-nextick-args)
- promise.prototype.finally (from https://www.npmjs.com/package/promise.prototype.finally)
- protobufjs (from https://www.npmjs.com/package/protobufjs)
- proxy-addr (from https://www.npmjs.com/package/proxy-addr)
......@@ -726,14 +726,14 @@ The following software have components provided under the terms of this license:
- readable-stream (from https://www.npmjs.com/package/readable-stream)
- readable-stream (from https://www.npmjs.com/package/readable-stream)
- readable-stream (from https://www.npmjs.com/package/readable-stream)
- redis (from https://github.com/NodeRedis/node_redis)
- redis-commands (from https://github.com/NodeRedis/redis-commonds)
- redis (from https://www.npmjs.com/package/redis)
- redis-commands (from https://www.npmjs.com/package/redis-commands)
- redis-errors (from https://www.npmjs.com/package/redis-errors)
- redis-parser (from https://www.npmjs.com/package/redis-parser)
- redlock (from https://www.npmjs.com/package/redlock)
- redlock-async (from https://www.npmjs.com/package/redlock-async)
- replace-in-file (from https://www.npmjs.com/package/replace-in-file)
- request-promise (from https://github.com/request/request-promise)
- request-promise (from https://www.npmjs.com/package/request-promise)
- request-promise-core (from https://www.npmjs.com/package/request-promise-core)
- require-directory (from https://github.com/troygoode/node-require-directory/)
- require-in-the-middle (from https://www.npmjs.com/package/require-in-the-middle)
......@@ -745,8 +745,8 @@ The following software have components provided under the terms of this license:
- safe-buffer (from https://www.npmjs.com/package/safe-buffer)
- safe-buffer (from https://www.npmjs.com/package/safe-buffer)
- safer-buffer (from https://www.npmjs.com/package/safer-buffer)
- sax (from https://github.com/isaacs/sax-js#readme)
- sax (from https://github.com/isaacs/sax-js#readme)
- sax (from https://www.npmjs.com/package/sax)
- sax (from https://www.npmjs.com/package/sax)
- semaphore (from https://www.npmjs.com/package/semaphore)
- semver (from https://www.npmjs.com/package/semver)
- semver (from https://www.npmjs.com/package/semver)
......@@ -815,7 +815,7 @@ The following software have components provided under the terms of this license:
- universalify (from https://www.npmjs.com/package/universalify)
- unpipe (from https://github.com/stream-utils/unpipe)
- untildify (from https://www.npmjs.com/package/untildify)
- url (from https://github.com/defunctzombie/node-url#readme)
- url (from https://www.npmjs.com/package/url)
- url-join (from https://www.npmjs.com/package/url-join)
- urllib3 (from https://urllib3.readthedocs.io/)
- util-deprecate (from https://github.com/TooTallNate/util-deprecate)
......@@ -827,12 +827,12 @@ The following software have components provided under the terms of this license:
- uuid (from https://www.npmjs.com/package/uuid)
- uuid (from https://www.npmjs.com/package/uuid)
- vary (from https://www.npmjs.com/package/vary)
- verror (from https://github.com/davepacheco/node-verror)
- verror (from https://www.npmjs.com/package/verror)
- which (from https://github.com/isaacs/node-which#readme)
- which-module (from https://www.npmjs.com/package/which-module)
- wide-align (from https://www.npmjs.com/package/wide-align)
- windows-release (from https://www.npmjs.com/package/windows-release)
- winston (from https://github.com/winstonjs/winston#readme)
- winston (from https://www.npmjs.com/package/winston)
- winston-transport (from https://www.npmjs.com/package/winston-transport)
- wrap-ansi (from https://www.npmjs.com/package/wrap-ansi)
- wrap-ansi (from https://www.npmjs.com/package/wrap-ansi)
......@@ -901,7 +901,7 @@ W3C
========================================================================
The following software have components provided under the terms of this license:
- sax (from https://github.com/isaacs/sax-js#readme)
- sax (from https://www.npmjs.com/package/sax)
========================================================================
public-domain
......@@ -930,5 +930,4 @@ The following software have components provided under the terms of this license:
- jmespath (from https://www.npmjs.com/package/jmespath)
- json-schema (from http://github.com/kriszyp/json-schema)
- querystring (from https://www.npmjs.com/package/querystring)
- sax (from https://www.npmjs.com/package/sax)
\ No newline at end of file
......@@ -2,6 +2,8 @@ global:
replicaCount: #{REPLICA_COUNT}#
namespace: osdu
podidentity: osdu-identity
minReplicaCount: #{SDMS_MIN_REPLICAS}#
maxReplicaCount: #{SDMS_MAX_REPLICAS}#
configEnv:
cloudProvider: #{PROVIDER_NAME}#
......
apiVersion: autoscaling/v2beta2
kind: HorizontalPodAutoscaler
metadata:
name: {{ .Release.Name }}
namespace: osdu
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ .Release.Name }}
minReplicas: {{ .Values.global.minReplicaCount }}
maxReplicas: {{ .Values.global.maxReplicaCount }}
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 50
behavior:
scaleDown:
stabilizationWindowSeconds: 300
# Either remove 20% of current pods or 2 pods (whichever is lower) every 15 seconds until the the HPA stabilizes
selectPolicy: Min
policies:
- type: Percent
value: 20
periodSeconds: 15
- type: Pods
value: 2
periodSeconds: 15
scaleUp:
stabilizationWindowSeconds: 0
# Either add 100% of current pods or 4 pods (whichever is higher) every 1 second until the the HPA stabilizes
selectPolicy: Max
policies:
- type: Percent
value: 85
periodSeconds: 1
- type: Pods
value: 4
periodSeconds: 1
\ No newline at end of file
......@@ -12,5 +12,6 @@ spec:
- protocol: TCP
port: 80
targetPort: 80
name: http
selector:
app: {{ .Release.Name }}
\ No newline at end of file
app: {{ .Release.Name }}
......@@ -117,4 +117,12 @@ $ docker run --rm -it -v $(pwd):/opt community.opengroup.org:5555/osdu/platform/
```bash
$ docker run --rm -it -v $(pwd):/opt community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/seismic/seismic-dms-suite/seismic-store-service/seismic-store-service-detect-secrets:latest detect-secrets-hook --baseline /opt/devops/docker/detect_secrets/.secrets.baseline $(git ls-files)
```
##### False positives
Add next comment above the line (in the proper file) that has been detected and is a false positives
```
pragma: allowlist nextline secret
```
\ No newline at end of file
......@@ -39,6 +39,8 @@ azure_deploy:
- sed -i 's/#{REDIS_HOST}#/'$REDIS_INSTANCE_ADDRESS'/' ${CHART_PATH}/values.yaml
- sed -i 's/#{REDIS_PORT}#/'$REDIS_INSTANCE_PORT'/' ${CHART_PATH}/values.yaml
- sed -i 's/#{REPLICA_COUNT}#/'$REPLICA'/' ${CHART_PATH}/values.yaml
- sed -i 's/#{SDMS_MIN_REPLICAS}#/'$SDMS_MIN_REPLICAS'/' ${CHART_PATH}/values.yaml
- sed -i 's/#{SDMS_MAX_REPLICAS}#/'$SDMS_MAX_REPLICAS'/' ${CHART_PATH}/values.yaml
# Install helm chart
- helm upgrade $SERVICE_NAME ${CHART_PATH} --install --dry-run --values $CHART_PATH/values.yaml
- helm upgrade $SERVICE_NAME ${CHART_PATH} --install --values $CHART_PATH/values.yaml
......
......@@ -2,6 +2,8 @@ scan-for-secrets:
image: community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/seismic/seismic-dms-suite/seismic-store-service/seismic-store-service-detect-secrets:latest
tags: ["osdu-small"]
stage: scan
needs: ['compile-and-unit-test']
needs:
- job: compile-and-unit-test
artifacts: false
script:
- detect-secrets-hook --exclude-files devops/docker/detect_secrets/.secrets.baseline --exclude-files devops/osdu/scanners/scan-for-secrets-node.yml --exclude-files npm-shrinkwrap.json --exclude-files package.json --exclude-files devops/scripts/azure_jwt_client.py --exclude-files src/cloud/providers/azure/keyvault.ts --exclude-files tests/utest/cloud/azure/keyvault.ts --baseline devops/docker/detect_secrets/.secrets.baseline $(git ls-files)
\ No newline at end of file
- detect-secrets-hook --exclude-files npm-shrinkwrap.json --exclude-files package.json --exclude-files devops/osdu/scanners/scan-for-secrets-node.yml --baseline devops/docker/detect_secrets/.secrets.baseline $(git ls-files)
\ No newline at end of file
......@@ -50,7 +50,8 @@ def get_invalid_token():
}
'''
return "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkdW1teUBkdW1teS5jb20iLCJpc3MiOiJkdW1teUBkdW1teS5jb20iLCJhdWQiOiJkdW1teS5kdW1teS5jb20iLCJpYXQiOjE1NTYxMzcyNzMsImV4cCI6MTU1NjIzMDk3OSwicHJvdmlkZXIiOiJkdW1teS5jb20iLCJjbGllbnQiOiJkdW1teS5jb20iLCJ1c2VyaWQiOiJkdW1teXRlc3Rlci5jb20iLCJlbWFpbCI6ImR1bW15dGVzdGVyLmNvbSIsImF1dGh6IjoiIiwibGFzdG5hbWUiOiJkdW1teSIsImZpcnN0bmFtZSI6ImR1bW15IiwiY291bnRyeSI6IiIsImNvbXBhbnkiOiIiLCJqb2J0aXRsZSI6IiIsInN1YmlkIjoiZHVtbXlpZCIsImlkcCI6ImR1bW15IiwiaGQiOiJkdW1teS5jb20iLCJkZXNpZCI6ImR1bW15aWQiLCJjb250YWN0X2VtYWlsIjoiZHVtbXlAZHVtbXkuY29tIiwianRpIjoiNGEyMWYyYzItZjU5Yy00NWZhLTk0MTAtNDNkNDdhMTg4ODgwIn0.nkiyKtfXXxAlC60iDjXuB2EAGDfZiVglP-CyU1T4etc"
# pragma: allowlist nextline secret
return "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkdW1teUBkdW1teS5jb20iLCJpc3MiOiJkdW1teUBkdW1teS5jb20iLCJhdWQiOiJkdW1teS5kdW1teS5jb20iLCJpYXQiOjE1NTYxMzcyNzMsImV4cCI6MTU1NjIzMDk3OSwicHJvdmlkZXIiOiJkdW1teS5jb20iLCJjbGllbnQiOiJkdW1teS5jb20iLCJ1c2VyaWQiOiJkdW1teXRlc3Rlci5jb20iLCJlbWFpbCI6ImR1bW15dGVzdGVyLmNvbSIsImF1dGh6IjoiIiwibGFzdG5hbWUiOiJkdW1teSIsImZpcnN0bmFtZSI6ImR1bW15IiwiY291bnRyeSI6IiIsImNvbXBhbnkiOiIiLCJqb2J0aXRsZSI6IiIsInN1YmlkIjoiZHVtbXlpZCIsImlkcCI6ImR1bW15IiwiaGQiOiJkdW1teS5jb20iLCJkZXNpZCI6ImR1bW15aWQiLCJjb250YWN0X2VtYWlsIjoiZHVtbXlAZHVtbXkuY29tIiwianRpIjoiNGEyMWYyYzItZjU5Yy00NWZhLTk0MTAtNDNkNDdhMTg4ODgwIn0.nkiyKtfXXxAlC60iDjXuB2EAGDfZiVglP-CyU1T4etc"
if __name__ == '__main__':
get_id_token()
\ No newline at end of file
......@@ -83,6 +83,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Legal tag of the dataset."
in: header
name: ltag
......@@ -142,6 +148,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -188,6 +200,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -237,6 +255,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -300,6 +324,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -358,6 +388,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -404,6 +440,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -446,6 +488,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -496,6 +544,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -548,6 +602,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "The tenant project name."
in: path
name: tenantid
......@@ -579,6 +639,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -623,6 +689,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -666,6 +738,12 @@ paths:
tags:
- Dataset
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Name of the tenant."
in: path
name: tenantid
......@@ -709,6 +787,12 @@ paths:
tags:
- Utility
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Seismic store path, sd://tenant/sub-project/path."
in: query
name: sdpath
......@@ -758,6 +842,12 @@ paths:
tags:
- Utility
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""
- description: "Seismic store source dataset path."
in: query
name: sdpath_from
......@@ -803,6 +893,12 @@ paths:
tags:
- Utility
parameters:
- description: "The impersonation token context (required only with impersonation token credentials)"
in: header
name: impersonation-token-context
type: string
required: false
default: ""