Entitlements merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests2022-08-23T21:25:44Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/183Upgrade Log4J to 2.17.12022-08-23T21:25:44ZDavid Diederichd.diederich@opengroup.orgUpgrade Log4J to 2.17.1Closes #96Closes #96M10 - Release 0.13David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/182AWS tomcat version vulnerability fix2022-01-21T20:05:25ZYifei XuAWS tomcat version vulnerability fixAWS tomcat version vulnerability fix and minor addition in AWS README.mdAWS tomcat version vulnerability fix and minor addition in AWS README.mdM10 - Release 0.13JoeGregYifei XuJoehttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/180Fixed cors for entv2 (GONRG-4187)2022-01-25T08:39:27ZRiabokon Stanislav(EPAM)[GCP]Fixed cors for entv2 (GONRG-4187)Fixed issue https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/97Fixed issue https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/97M10 - Release 0.13Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/179GCP added checkpoints for dev2 vars [GONRG-4182]2023-08-18T11:33:26ZMikhail Piatliou (EPAM)GCP added checkpoints for dev2 vars [GONRG-4182]M10 - Release 0.13Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/178Fix hardcoded values [GONRG-4182]2023-08-18T11:33:28ZMikhail Piatliou (EPAM)Fix hardcoded values [GONRG-4182]M10 - Release 0.13Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/177Fix service account name for dev2 env [GONRG-4182]2023-08-18T11:33:30ZMikhail Piatliou (EPAM)Fix service account name for dev2 env [GONRG-4182]M10 - Release 0.13Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/176GONRG-4118 Add imagePullPolicy value2023-08-18T11:33:31ZIgor Zimovets (EPAM)GONRG-4118 Add imagePullPolicy valueM10 - Release 0.13https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/175Upgrading to swagger 32022-03-01T18:06:59ZAman VermaUpgrading to swagger 3Find more details in the issue: https://community.opengroup.org/osdu/platform/system/file/-/issues/48
Reference MR: https://community.opengroup.org/osdu/platform/system/file/-/merge_requests/212Find more details in the issue: https://community.opengroup.org/osdu/platform/system/file/-/issues/48
Reference MR: https://community.opengroup.org/osdu/platform/system/file/-/merge_requests/212M10 - Release 0.13Aman VermaAman Vermahttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/174Update GKE SA to follow common naming convention [GONRG-4113]2023-08-18T11:33:33ZMikhail Piatliou (EPAM)Update GKE SA to follow common naming convention [GONRG-4113]M10 - Release 0.13Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/170Enable entv2 service and int. tests to run locally2022-01-14T03:54:16ZRucha DeshpandeEnable entv2 service and int. tests to run locallycommit 0735d2df
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 16:27:49 GMT-0600 (Central Standard Time)
remove readme
commit cbee10b0
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 1...commit 0735d2df
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 16:27:49 GMT-0600 (Central Standard Time)
remove readme
commit cbee10b0
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 13:51:07 GMT-0600 (Central Standard Time)
update Readme
commit 865d7252
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 12:36:28 GMT-0600 (Central Standard Time)
update readme
commit c09b2129
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 11:51:24 GMT-0600 (Central Standard Time)
update README
commit 64e7769d
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 11:23:13 GMT-0600 (Central Standard Time)
update README
commit 56093a35
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Mon Dec 06 2021 09:55:51 GMT-0600 (Central Standard Time)
update README.md
commit e7e59703
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Sun Dec 05 2021 17:53:58 GMT-0600 (Central Standard Time)
add README.md
commit cbfc387b
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Fri Dec 03 2021 17:03:54 GMT-0600 (Central Standard Time)
uncomment preauth filter
commit 2151dcf5
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Fri Dec 03 2021 16:51:28 GMT-0600 (Central Standard Time)
add LOCAL_MODE var for local testing
commit deaa0acd
Author: Rucha Deshpande <deshruch@amazon.com>
Date: Fri Dec 03 2021 16:49:22 GMT-0600 (Central Standard Time)
fix int tests to be run locallyM10 - Release 0.13JoeRucha DeshpandeGregJoehttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/164Upgrading library versions to incorporate the latest Log4j fix2023-08-18T11:33:36ZDavid Diederichd.diederich@opengroup.orgUpgrading library versions to incorporate the latest Log4j fixThese updates apply version 2.17, addressing CVE-2021-45105
Part of the #92 seriesThese updates apply version 2.17, addressing CVE-2021-45105
Part of the #92 seriesM10 - Release 0.13David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/161Disables unsafe subst for log4j2023-08-18T11:33:38ZOleksii Tsyganov (EPAM)Disables unsafe subst for log4jM10 - Release 0.13Oleksii Tsyganov (EPAM)Oleksii Tsyganov (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/160log4j-fix-azure2023-08-18T11:33:40ZDmitrii Gerashchenkolog4j-fix-azurePart of
- https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/91 series
- https://community.opengroup.org/groups/osdu/platform/-/epics/11Part of
- https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/issues/91 series
- https://community.opengroup.org/groups/osdu/platform/-/epics/11M10 - Release 0.13Dmitrii GerashchenkoDmitrii Gerashchenkohttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/157fix for log4j upgrade to log4j 2.16.02023-08-18T11:33:41ZAnuj Guptafix for log4j upgrade to log4j 2.16.0|module pom changes| Ref Issue|
|------|-----------------------------------------------------------------------------------------------|
| IBM | https://community.opengroup.org/osdu/platform/system/lib/cloud/ibm/os-core-lib-ibm/-/issues...|module pom changes| Ref Issue|
|------|-----------------------------------------------------------------------------------------------|
| IBM | https://community.opengroup.org/osdu/platform/system/lib/cloud/ibm/os-core-lib-ibm/-/issues/2 |
| Core | https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/54 |
Part of the #91 seriesM10 - Release 0.13David Diederichd.diederich@opengroup.orgAnuj GuptaShrikant GargDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/156Vuln fix netty codec2023-08-18T11:33:43ZGokul NagareVuln fix netty codecM10 - Release 0.13Anuj GuptaShrikant GargAnuj Guptahttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/155Update values.yaml2023-08-18T11:33:44ZMANISH KUMARUpdate values.yamlM10 - Release 0.13https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/153Add IAP auth (GONRG-3860)2021-12-10T11:25:07ZRustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comAdd IAP auth (GONRG-3860)# Description:
Make authentication configurable. Can be used IAP, OpenID, or trust to external authentication.
# How to test:
Property `GCP_AUTHENTICATION_MODE` can be used to change auth configuration.
# Changes include:
- [ ] Refac...# Description:
Make authentication configurable. Can be used IAP, OpenID, or trust to external authentication.
# How to test:
Property `GCP_AUTHENTICATION_MODE` can be used to change auth configuration.
# Changes include:
- [ ] Refactor (a non-breaking change that improves code maintainability).
- [ ] Bugfix (a non-breaking change that solves an issue).
- [x] New feature (a non-breaking change that adds functionality).
- [ ] Breaking change (a change that is not backward-compatible and/or changes current functionality).
# Changes in:
- [x] GCP
- [ ] Azure
- [ ] AWS
- [ ] IBM
# Dev Checklist:
- [x] Added Unit Tests, wherever applicable.
- [x] Updated the Readme, if applicable.
- [x] Existing Tests pass
- [x] Verified functionality locally
- [x] Self Reviewed my code for formatting and complex business logic.M10 - Release 0.13Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/152Bugfix: Entitlements returns empty response during authentication (GONRG-3841)2023-08-18T11:33:46ZArtem Dobrynin (EPAM)Bugfix: Entitlements returns empty response during authentication (GONRG-3841)Added audience info for access_tokenAdded audience info for access_tokenM10 - Release 0.13Riabokon Stanislav(EPAM)[GCP]Riabokon Stanislav(EPAM)[GCP]https://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/151Disable spring web security 2052023-08-18T11:33:48ZBhushan RadeDisable spring web security 205 remove and Shift authentication logic to service mesh remove and Shift authentication logic to service meshM10 - Release 0.13Anuj GuptaBhushan RadeAnuj Guptahttps://community.opengroup.org/osdu/platform/security-and-compliance/entitlements/-/merge_requests/149Upgrade vulnerable dependencies according to WhiteSource alerts2023-08-18T11:33:50ZDmitrii GerashchenkoUpgrade vulnerable dependencies according to WhiteSource alertshttps://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/53
https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/52
- os-core-common version upgrade after MR: https://communi...https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/53
https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/issues/52
- os-core-common version upgrade after MR: https://community.opengroup.org/osdu/platform/system/lib/core/os-core-common/-/merge_requests/126
- os-core-lib-azure version upgrade after MR: https://community.opengroup.org/osdu/platform/system/lib/cloud/azure/os-core-lib-azure/-/merge_requests/165
Part of the #91 seriesM10 - Release 0.13Dmitrii GerashchenkoDmitrii Gerashchenko