Legal merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests2023-05-13T05:03:07Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/328Upgrade legal service for the corelib azure changes2023-05-13T05:03:07ZNishant VidyasagarUpgrade legal service for the corelib azure changesNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/395Set FailOnError to false2023-04-28T20:05:59ZYash DholakiaSet FailOnError to false## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [NA] I have added tes...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [YES] My code follows the code style of this project.
* [YES] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Dependency-check-maven fails when nvd.nist is down and eventually build fails.
## What is the new behavior?
-------------------------------------
Build will not fail when Dependency-check-maven fails
## Does this introduce a breaking change?
-------------------------------------
- [NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Yash DholakiaYash Dholakiahttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/388Fix FOSSA notice2023-04-13T14:13:51ZChad LeongFix FOSSA noticeFix FOSSA noticeFix FOSSA noticeM17 - Release 0.20https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/384ReadOnlyRootFileSystem changes for AWS2023-04-07T18:07:22ZAbhay JoshiReadOnlyRootFileSystem changes for AWS## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
Service pod can be written to by aws application
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
Service pod cannot be written to by aws application
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
No
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->M18 - Release 0.21Okoun-Ola Fabien HouetoAbhay JoshiOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/357Aws integration merge2023-03-17T18:33:09ZAbhishek PatilAws integration merge## All Submissions:
-------------------------------------
* YES I have added an explanation of what changes in this merge do and why we should include it?
* YES I have updated the documentation accordingly.
* NA I have added tests to cov...## All Submissions:
-------------------------------------
* YES I have added an explanation of what changes in this merge do and why we should include it?
* YES I have updated the documentation accordingly.
* NA I have added tests to cover my changes.
* YES All new and existing tests passed.
* YES My code follows the code style of this project.
* YES I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
- Spring Security core version lower than 5.7.5
## What is the new behavior?
-------------------------------------
- Spring Security core version higher than 5.7.5 and other vulnerable package upgrades
## Does this introduce a breaking change?
-------------------------------------
- NO
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Okoun-Ola Fabien HouetoYash DholakiaOkoun-Ola Fabien Houetohttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/371Aadded helm oci package2023-03-06T18:33:35ZSiarhei Symanovich (EPAM)Aadded helm oci packageAdded helm oci publishing for Google Cloud.Added helm oci publishing for Google Cloud.Siarhei Symanovich (EPAM)Siarhei Symanovich (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/368Draft: Gonrg 6532 test2023-02-22T17:45:52ZOleh Miniailov [EPAM / GCP]Draft: Gonrg 6532 test## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/358Upgrade First Party Library Dependencies for Release 0.192023-02-18T07:31:16ZDavid Diederichd.diederich@opengroup.orgUpgrade First Party Library Dependencies for Release 0.19This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any...This automated MR upgrades the first party libraries (other OSDU libraries) to utilize the latest release.
The intent is to keep the OSDU projects utilizing the latest available code to ensure widespread usage and stability.
However, any library that is older than the previous release will be left as-is, since the upgrade is likely to be more complicated.
Furthermore, the upgrade should only be merged in the CI pipeline reports success.
If this MR has failed, we can spend a little time investigating to see if a trivial upgrade could achieve compatiblity to the new library.
But significant upgrade efforts should not occur on this MR, as part of the release tagging process.
Instead, significant work should be scheduled for a subsequent milestone.
### Dependency Information Before the Upgrade
```
Branch: master
SHA: 94bc5d864eb15e0cfff6b86c661995f4f45ff2a7
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.18.1 | 0.16.0 |
| core-lib-gcp | 0.19.0-rc3 | |
| os-core-lib-aws | 0.18.0 | 0.18.0 |
| obm | 0.18.0 | |
| oqm | 0.18.0 | |
| os-core-common | 0.18.0 | 0.18.0, 0.16.0 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.16.0 |
| osm | 0.18.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.22 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.22 |
### Dependency Information After the Upgrade
```
Branch: dependency-upgrade-2
SHA: 19b08edb2f667e14cd51e322f333821eb065e20c
Maven: 0.20.0-SNAPSHOT
```
| Maven Dependencies | _Root_ | testing/ |
| ------------------------------------------------------- | ---------------- | ---------------------- |
| core-lib-azure | 0.19.0 | 0.16.0 |
| core-lib-gcp | 0.19.0 | |
| os-core-lib-aws | 0.19.0 | 0.19.0 |
| obm | 0.19.0 | |
| oqm | 0.19.0 | |
| os-core-common | 0.19.0 | 0.19.0, 0.16.0 |
| os-core-lib-ibm | 0.17.0-rc4 | 0.16.0 |
| osm | 0.19.0 | |
| (3rd Party) com.fasterxml.jackson.core.jackson-databind | 2.14.0, 2.13.4.2 | 2.13.2.2, 2.10.3 |
| (3rd Party) org.apache.logging.log4j.log4j-api | 2.17.1 | 2.17.2, 2.13.3, 2.11.2 |
| (3rd Party) org.apache.logging.log4j.log4j-core | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-jul | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-slf4j-impl | 2.17.1 | 2.13.3 |
| (3rd Party) org.apache.logging.log4j.log4j-to-slf4j | 2.17.1 | 2.17.2, 2.11.2, 2.13.3 |
| (3rd Party) org.springframework.spring-webflux | 5.3.24 | |
| (3rd Party) org.springframework.spring-webmvc | 5.3.22 | 5.3.24, 5.3.22 |M16 - Release 0.19https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/360Spring Vulnerabilities2023-02-17T21:17:57ZMarc Burnie [AWS]Spring VulnerabilitiesIncludes: AWS Adding support for EKS 1.23Includes: AWS Adding support for EKS 1.23M17 - Release 0.20Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/326upgrading legal service for corelib azure changes2023-02-17T17:51:38ZNishant Vidyasagarupgrading legal service for corelib azure changesNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/244Tune deployment of legal in azure2023-02-04T05:29:24ZRostislav Vatolinvatolinrp@gmail.comTune deployment of legal in azure## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES] I have updated the documentation accordingly.
* [NA] I have added tests ...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [YES] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [YES] All new and existing tests passed.
* [NA] My code follows the code style of this project.
* [NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/27
## What is the new behavior?
-------------------------------------
Please see the issue.
## Does this introduce a breaking change?
-------------------------------------
- [NO]
## Any relevant logs, error output, etc?
-------------------------------------
NA
## Other information
-------------------------------------
NARostislav Vatolinvatolinrp@gmail.comRostislav Vatolinvatolinrp@gmail.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/286Draft: mpetrenko-alpine-fix2023-02-04T05:29:22ZMaksym Petrenko [EPAM / GCP]Draft: mpetrenko-alpine-fix## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/250Fix swagger page2023-02-04T05:29:22ZRostislav Vatolinvatolinrp@gmail.comFix swagger page## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NA] I have updated the documentation accordingly.
* [NA] I have added tests t...## All Submissions:
-------------------------------------
* [YES] I have added an explanation of what changes in this merge do and why we should include it?
* [NA] I have updated the documentation accordingly.
* [NA] I have added tests to cover my changes.
* [NA] All new and existing tests passed.
* [NA] My code follows the code style of this project.
* [NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
Swagger page is not working
Issue: https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/issues/28
## What is the new behavior?
-------------------------------------
- Swagger page works
## Does this introduce a breaking change?
-------------------------------------
- [NO]
## Any relevant logs, error output, etc?
-------------------------------------
NA
## Other information
-------------------------------------
NARostislav Vatolinvatolinrp@gmail.comRostislav Vatolinvatolinrp@gmail.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/223Azure/merge m8 with master2023-02-04T05:29:21ZAbhishek PatilAzure/merge m8 with master## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->Abhishek PatilAbhishek Patilhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/263Draft: GONRG-5251: fix checking helm status2023-02-04T05:29:19ZNastassia Rabeichykava (EPAM)Draft: GONRG-5251: fix checking helm statushttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/325Upgrading legal service for the corelib service upgrade2023-01-24T04:01:59ZNishant VidyasagarUpgrading legal service for the corelib service upgradeNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/283Draft: Gonrg 5457 update pipeline for using gcloud alpine image2023-01-23T21:17:44ZMaksym Petrenko [EPAM / GCP]Draft: Gonrg 5457 update pipeline for using gcloud alpine image## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have...## All Submissions:
-------------------------------------
* [YES/NO] I have added an explanation of what changes in this merge do and why we should include it?
* [YES/NO] I have updated the documentation accordingly.
* [YES/NO/NA] I have added tests to cover my changes.
* [YES/NO/NA] All new and existing tests passed.
* [YES/NO/NA] My code follows the code style of this project.
* [YES/NO/NA] I ran lint checks locally prior to submission.
## What is the current behavior?
-------------------------------------
<!-- Please describe the current behavior that you are modifying, or link to a relevant issue. -->
Issue: Remember to link the workitem to this pull request.
## What is the new behavior?
-------------------------------------
<!-- Please describe the behavior or changes that are being added by this PR. -->
-
-
-
## Does this introduce a breaking change?
-------------------------------------
- [YES/NO]
<!-- If this introduces a breaking change, please describe the impact and migration path for existing applications below. -->
## Any relevant logs, error output, etc?
-------------------------------------
(If it’s long, please paste to https://ghostbin.com/ and insert the link here.)
## Other information
-------------------------------------
<!-- Any other information that is important to this PR such as screenshots of how the component looks before and after the change. -->https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/327upgrading legal service for corelib changes2022-12-29T10:34:39ZNishant Vidyasagarupgrading legal service for corelib changesNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/346Draft: GONRG-5894 - GC renaming2022-12-27T03:57:11ZAliaksandr Ramanovich (EPAM)Draft: GONRG-5894 - GC renamingAliaksandr Ramanovich (EPAM)Aliaksandr Ramanovich (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/legal/-/merge_requests/334GONRG-6045: Remove NEG annotation in service2022-12-06T11:31:29ZVolodymyr Pienskoi [EPAM / GCP]GONRG-6045: Remove NEG annotation in serviceServices created in GKE clusters 1.17.6-gke.7 and up with VPC-native traffic routing enabled are annotated automatically with `cloud.google.com/neg: '{"ingress": true}'`. This means that this annotation is not required explicitly and can...Services created in GKE clusters 1.17.6-gke.7 and up with VPC-native traffic routing enabled are annotated automatically with `cloud.google.com/neg: '{"ingress": true}'`. This means that this annotation is not required explicitly and can be removed.
More details in [GKE Load Balancing documentation](https://cloud.google.com/kubernetes-engine/docs/concepts/ingress#container-native_load_balancing).Volodymyr Pienskoi [EPAM / GCP]Volodymyr Pienskoi [EPAM / GCP]