Policy merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests2024-01-12T11:19:02Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/464Merge branch 'fix-gc-bootstrap' into 'master'2024-01-12T11:19:02ZAliaksandr Ramanovich (EPAM)Merge branch 'fix-gc-bootstrap' into 'master'GC changes only
hotfix to avoid image build errors
See merge request osdu/platform/security-and-compliance/policy!463
(cherry picked from commit d4abf3576ff230acedba27e6f2069f16ec518d38)
e2e7e889 hotfix to avoid image build errorsGC changes only
hotfix to avoid image build errors
See merge request osdu/platform/security-and-compliance/policy!463
(cherry picked from commit d4abf3576ff230acedba27e6f2069f16ec518d38)
e2e7e889 hotfix to avoid image build errorsM22 - Release 0.25Aliaksandr Ramanovich (EPAM)Aliaksandr Ramanovich (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/463hotfix to avoid image build errors2024-01-11T18:13:02ZAliaksandr Ramanovich (EPAM)hotfix to avoid image build errorshotfix to avoid errors during image building related to Externally Managed Environmentshotfix to avoid errors during image building related to Externally Managed EnvironmentsM22 - Release 0.25Aliaksandr Ramanovich (EPAM)Aliaksandr Ramanovich (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/462Audit Logging Feature and FastAPI upgrade2024-02-13T18:34:00ZShane HutchinsAudit Logging Feature and FastAPI upgrade- Add an external audit log https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/113
- Upgrade FastAPI to 0.109.2 and associated dependencies for security issues (CVE-2024-24762)
- Updated documentation
-...- Add an external audit log https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/113
- Upgrade FastAPI to 0.109.2 and associated dependencies for security issues (CVE-2024-24762)
- Updated documentation
- Integration test update
- Updated log and error messages
- Notice update
- Secrets ignore added (trufflehog)M23 - Release 0.26Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/461Merge branch 'aws-fix-containerize' into 'master'2023-12-11T16:18:22ZDerek HudsonMerge branch 'aws-fix-containerize' into 'master'Fix containerize on GitLab.
See merge request osdu/platform/security-and-compliance/policy!460
(cherry picked from commit be618388a1cf5bda01640701ff6aa8a6e1a0470f)
3302172b Fix containerize on GitLab.
788c8888 Now testing a Python vir...Fix containerize on GitLab.
See merge request osdu/platform/security-and-compliance/policy!460
(cherry picked from commit be618388a1cf5bda01640701ff6aa8a6e1a0470f)
3302172b Fix containerize on GitLab.
788c8888 Now testing a Python virtual environment.
3c29b97f Made the image frozen.
7e4f0f9d Updating NOTICEM22 - Release 0.25Derek HudsonDerek Hudsonhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/460Fix containerize on GitLab.2023-12-11T15:40:24ZDerek HudsonFix containerize on GitLab.Fixes the AWS containerize on GitLabFixes the AWS containerize on GitLabM22 - Release 0.25Derek HudsonDerek Hudsonhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/459Update FOSSA NOTICE2023-12-08T21:38:46ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M22 - Release 0.25https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/458AWS - Merge dev to master2023-12-07T14:59:03ZGuillaume CailletAWS - Merge dev to masterAWS only changes
Improvements on AWS testsAWS only changes
Improvements on AWS testsM22 - Release 0.25Yunhua KoglinYunhua Koglinhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/457Documentation Update2023-11-30T18:45:03ZShane HutchinsDocumentation Update- Arch diagram update https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/123
- Release notes updates for M22- Arch diagram update https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/123
- Release notes updates for M22M22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/456AWS - Merge from dev2023-11-22T15:48:14ZGuillaume CailletAWS - Merge from dev* Add or update License header
* Updated base docker image to decrease CVE* Add or update License header
* Updated base docker image to decrease CVEM22 - Release 0.25Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/455Additional M22 features and fixes2023-11-16T20:34:23ZShane HutchinsAdditional M22 features and fixes- Updated documentation, including generated OpenAPI spec. Including documentation for https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/122
- New optional group support for /boostrap and /tenant APIs....- Updated documentation, including generated OpenAPI spec. Including documentation for https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/122
- New optional group support for /boostrap and /tenant APIs. [121](https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/121). By default it will use `policy.service.admin` but this can be changed with environment variable `OPS_PERMISSION`. Updated OpenAPI/swagger to show required permissions for all APIs as configured and related documentation. In future releases this will likely use a new group, but for now a new group is allowed. https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/121
- Now that this API can be additionally protected work for /tenant can continue.
- Added X-Error response header for DELETE /tenant.
- Reformatted code
- Updated /info API to include commit message https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/67
- Updated dependenciesM22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/454bugfix for utf8, issue 1222023-11-28T12:53:13ZShane Hutchinsbugfix for utf8, issue 122Bugfix for not properly encoding while writing directly to OPA.
https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/122Bugfix for not properly encoding while writing directly to OPA.
https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/122M22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/453Bugfix API update for additional responses, correlation-id, data-partition-id...2023-11-28T12:53:14ZShane HutchinsBugfix API update for additional responses, correlation-id, data-partition-id, /bootstrap API and other fixesFound issues while preship testing M21:
- Adding additional API responses into OpenAPI Spec https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/118
- Bugfix for junk in data-partition-id and correlation-...Found issues while preship testing M21:
- Adding additional API responses into OpenAPI Spec https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/118
- Bugfix for junk in data-partition-id and correlation-id headers, both now must match a defined pattern (in conf.py)
- Bugfix for /bootstrap API
- Bugfix for PUT /tenant API https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/119
Other cleanup/issues added:
- /health test fix for IBM https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/120
- Lots of code cleanup
- Update CI to get build information for info API https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/67M22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/452adjust load test for azure CBL-Mariner/Linux2023-11-28T12:53:16ZShane Hutchinsadjust load test for azure CBL-Mariner/LinuxAzure switched to Common Base Linux Mariner image, so apt get isn't working anymore.
Attempting to use yumAzure switched to Common Base Linux Mariner image, so apt get isn't working anymore.
Attempting to use yumM22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/451Notice update2023-11-28T12:53:17ZShane HutchinsNotice updateM22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/450Notice update2023-11-28T12:53:18ZShane HutchinsNotice update- Notice update- Notice updateM22 - Release 0.25Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/449Cherry-pick: Merge branch 'GONRG-7981-update-bootstrap' into 'release/0.24'2023-10-20T15:48:50ZYauheni Rykhter (EPAM)Cherry-pick: Merge branch 'GONRG-7981-update-bootstrap' into 'release/0.24'GONRG-7981: update policy bootstrap
See merge request osdu/platform/security-and-compliance/policy!448
(cherry picked from commit e813e37727116cafa90131be00ea65e3a25a2811)
9183edc3 GONRG-7981: update policy bootstrap
ac85a6c1 GONRG-79...GONRG-7981: update policy bootstrap
See merge request osdu/platform/security-and-compliance/policy!448
(cherry picked from commit e813e37727116cafa90131be00ea65e3a25a2811)
9183edc3 GONRG-7981: update policy bootstrap
ac85a6c1 GONRG-7981: update policy bootstrap
d5951b4e GONRG-7981: update bootstrap
a640cb4e GONRG-7981: update bootstrap
96520d65 GONRG-7981: update bootstrap
4eb5ee95 GONRG-7981: update bootstrap
6ecc021c GONRG-7981: update bootstrap
6b854c45 GONRG-7981: update bootstrap
35e43e6a GONRG-7981: update bootstrap
8107492a GONRG-7981: update bootstrap
3d8624ec GONRG-7981: update bootstrap
89d14b2e GONRG-7981: update bootstrap
d80e718a GONRG-7981: update bootstrap
af9423e6 GONRG-7981: update bootstrap
68f310b1 GONRG-7981: update bootstrap
619b170e GONRG-7981: update bootstrap
1130ea93 GONRG-7981: update bootstrap
b91fdcd6 GONRG-7981: update bootstrap
137a6d2f GONRG-7981: update bootstrap
8d050d76 GONRG-7981: update bootstrap
47bff739 GONRG-7981: update bootstrap
1cdccad1 GONRG-7981: update bootstrap
46c62ab1 GONRG-7981: update bootstrap
9c9cf3f2 GONRG-7981: update bootstrap
3349396f GONRG-7981: update bootstrap
54c4c6bc GONRG-7981: update bootstrap
9db12988 GONRG-7981: update bootstrap
78bd3c2e GONRG-7981: update bootstrap
e92031ff GONRG-7981: update bootstrap
769bd0aa GONRG-7981: update bootstrap
3d12768d GONRG-7981: update bootstrap
f9ac971a GONRG-7981: update bootstrap
40b13575 GONRG-7981: update bootstrap
a8708db2 GONRG-7981: update bootstrap
912d1e5b GONRG-7981: update bootstrap
fa27982c GONRG-7981: update bootstrapM21 - Release 0.24Yauheni Rykhter (EPAM)Yauheni Rykhter (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/448GONRG-7981: update policy bootstrap2023-10-20T15:48:35ZYauheni Rykhter (EPAM)GONRG-7981: update policy bootstrapM21 - Release 0.24Yauheni Rykhter (EPAM)Yauheni Rykhter (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/447Aws opa version upgrade2023-10-25T20:26:19ZMadalyn MarabellaAws opa version upgradeM22 - Release 0.25Madalyn MarabellaMadalyn Marabellahttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/445Cherry-pick 'M21 bugfix for azure' into release/0.242023-10-17T11:32:29ZSrinivasan NarayananCherry-pick 'M21 bugfix for azure' into release/0.24**Original MR**: !444
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporati...**Original MR**: !444
### This MR is a Cherry Pick into a Release Branch.
After the release branch is first created, any subsequent changes use this process to update the release (often resulting in a new patch tag) without incorporating all changes in the default branch.
These MRs must be approved by the PMC before they are merged, since they alter the scope of the release.
To see more details about the change itself, look at the Original MR listed above.
#### Skipped Pipeline
Normally, pipelines are not executed on the cherry pick branch/MR prior to merging.
This optimization is accepted because the code was tested when it merged into the default branch, and will be tested again in the release branch prior to tagging.
However, if anybody feels that the MR requires further scrutiny -- whether because it had conflicts in the cherry-picking, it interfaces with some drastically altered logic between the branches, or any other reason -- we can run the pipeline here prior to merging.
#### If There's Reason to Run a Pipeline
If you want to see a pipeline result before this merges, first add a comment explaining why you'd like to see the pipeline results so the PMC and others know your thinking.
Then, mark the MR as a Draft MR (using the vertical ellipsis above, choose 'Mark as Draft').
This prevents the MR from being approved & merged accidentally by a busy release coordinator who didn't see your comment.
Finally, if you are a maintainer on the project, launch a pipeline on this branch.
Since this branch is a protected branch and the MR has ~no-detached-pipeline set, all integration tests will run and there's no need for any `trusted-*` branches.
[Launch a Pipeline for this Branch](https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/pipelines/new?ref=cherry-pick-for-444)M21 - Release 0.24David Diederichd.diederich@opengroup.orgChad LeongSrinivasan NarayananDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/444M21 bugfix for azure2023-10-26T03:04:54ZShane HutchinsM21 bugfix for azure- bufix validation for azure (shorten /tmp path)
- bugfix LOCAL development for /config API (kubernetes fix)- bufix validation for azure (shorten /tmp path)
- bugfix LOCAL development for /config API (kubernetes fix)M21 - Release 0.24Shane HutchinsShane Hutchins