Policy merge requestshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests2022-05-28T03:36:42Zhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/109Aws bootstrapping2022-05-28T03:36:42ZMarc Burnie [AWS]Aws bootstrappingM12 - Release 0.15Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/142Adding Search Instance Policy to AWS Bootstrapping2022-09-19T17:52:04ZMarc Burnie [AWS]Adding Search Instance Policy to AWS BootstrappingM14 - Release 0.17Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/141adding search.rego to instance policy bundle2022-09-19T17:26:15ZMarc Burnie [AWS]adding search.rego to instance policy bundleM14 - Release 0.17Marc Burnie [AWS]Marc Burnie [AWS]https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/138attempt to fix gcp integration tests2022-09-17T15:09:03ZShane Hutchinsattempt to fix gcp integration testsM14 - Release 0.17Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/332Draft: Documentation Update2023-03-31T15:32:52ZShane HutchinsDraft: Documentation UpdateM17 - Release 0.20Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/345Add overriding ENABLE_TRANSLATE_PREPROCESSOR with env variable2023-05-17T09:44:08ZVolodymyr Pienskoi [EPAM / GCP]Add overriding ENABLE_TRANSLATE_PREPROCESSOR with env variableM18 - Release 0.21Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comVolodymyr Pienskoi [EPAM / GCP]Rustam Lotsmanenko (EPAM)rustam_lotsmanenko@epam.comhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/384Draft: attempt to fix policy http blocking issue2023-06-20T15:15:16ZShane HutchinsDraft: attempt to fix policy http blocking issuePolicy Service handles some http calls to opa as **synchronous**. This makes calls where http calls in policies become **asynchronous**.
- This required a rewrite of parts of eval, translate and underlying OPA module
- Also a bugfix for...Policy Service handles some http calls to opa as **synchronous**. This makes calls where http calls in policies become **asynchronous**.
- This required a rewrite of parts of eval, translate and underlying OPA module
- Also a bugfix for compile
To address: https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/99M19 - Release 0.22Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/395Update FOSSA NOTICE2023-07-18T06:03:32ZDavid Diederichd.diederich@opengroup.orgUpdate FOSSA NOTICEThis MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these ...This MR updates the attribution file for the project (also known as the `NOTICE` file).
It is important to keep this up to date to satisfy legal requirements of dependency licenses.
We use FOSSA as the tool to scan for and detect these changes.M20 - Release 0.23https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/443Draft: validation bugfix for azure2023-10-16T18:25:45ZShane HutchinsDraft: validation bugfix for azureBugfix for M21 for azureBugfix for M21 for azureM21 - Release 0.24Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/436GONRG-7911: Update configmap for Policy2023-10-13T17:55:07ZMikhail Piatliou (EPAM)GONRG-7911: Update configmap for PolicyM21 - Release 0.24Mikhail Piatliou (EPAM)Mikhail Piatliou (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/427Draft: Update variables to support dev secondary env2023-09-21T04:57:30Zsaketh somarajuDraft: Update variables to support dev secondary env- This MR introduces changes to azure CI variables to support deployment to dev secondary env incase of release pipelines- This MR introduces changes to azure CI variables to support deployment to dev secondary env incase of release pipelinesM21 - Release 0.24saketh somarajusaketh somarajuhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/424Draft: NOTICE update and loadtest debug2023-09-08T19:21:47ZShane HutchinsDraft: NOTICE update and loadtest debug- Notice update
- loadtest debugging changes- Notice update
- loadtest debugging changesM21 - Release 0.24Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/446Draft: GONRG-7910: recreate instead of checking bundles2023-10-18T10:00:34ZYauheni Rykhter (EPAM)Draft: GONRG-7910: recreate instead of checking bundlesM22 - Release 0.25Yauheni Rykhter (EPAM)Yauheni Rykhter (EPAM)https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/471Upgrade SHA1 to SHA2562024-02-13T01:09:08ZShane HutchinsUpgrade SHA1 to SHA256While this is not a direct security or vulnerabilty concern, we are upgrading SHA-1 to SHA-256 to address any potential security concerns if there are upstream/downstream uses of this SHA.
Issues:
- https://community.opengroup.org/osdu/...While this is not a direct security or vulnerabilty concern, we are upgrading SHA-1 to SHA-256 to address any potential security concerns if there are upstream/downstream uses of this SHA.
Issues:
- https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/124
- https://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/issues/125M23 - Release 0.26Shane HutchinsShane Hutchinshttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/470CVE fix for policy service2024-02-12T16:58:47ZJiman KimCVE fix for policy serviceupgrades fastapi to fix cve issueupgrades fastapi to fix cve issueM24 - Release 0.27Jiman KimJiman Kimhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/388Draft: Az/sa test2023-07-11T05:02:28Zsaketh somarajuDraft: Az/sa testhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/386Draft: logs addition to translate api2023-10-26T03:18:56Zsaketh somarajuDraft: logs addition to translate apihttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/338Draft: Dummy MR to verify deployment changes2023-05-06T09:43:44Zsaketh somarajuDraft: Dummy MR to verify deployment changesDummy MR to verify deployment changes for pod replica increaseDummy MR to verify deployment changes for pod replica increasesaketh somarajusaketh somarajuhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/337OpenAPI 3.0 Documentation updates for policy service2023-10-26T03:39:09ZJayesh BagulOpenAPI 3.0 Documentation updates for policy service**Link to Existing ADR(Architecture Decision Record)** :
(https://community.opengroup.org/osdu/platform/system/home/-/issues/97)
## OpenAPI 3.0 related changes
FastAPI leverages Python's docstring feature to automatically generate S...**Link to Existing ADR(Architecture Decision Record)** :
(https://community.opengroup.org/osdu/platform/system/home/-/issues/97)
## OpenAPI 3.0 related changes
FastAPI leverages Python's docstring feature to automatically generate Swagger documentation for each API endpoint.
The **docstring** is written in a specific format, using Python's standard **`"""`** triple quotes, and can include rich text formatting using the Markdown syntax.It parses the docstring to extract information such as the endpoint's description, parameters, request and response models, and any other relevant information.
- **Swagger UI:** http://localhost:8080/api/policy/v1/swagger
- **api-docs (JSON) :** http://localhost:8080/api/policy/v1/api-docs
## Example
- including detailed and informative docstrings in our code, we can ensure that our API is well-documented and easy to use, and FastAPI will use these docstrings to automatically generate Swagger documentation for our API.
```
@router.get("/health")
async def health():
"""
## Health check endpoint, which does not depend on OPA.
This API does not require any headers or authentication.
The /health endpoint responds with a 200 HTTP status code when the service pod can receive requests.
The endpoint indicates that the service pod is healthy and reachable.
It does not indicate that the service is ready to serve requests.
"""
return {'message': 'Healthy'}
```
- The first line of the docstring (_Health check endpoint, which does not depend on OPA._) is used as the summary of the endpoint in the Swagger documentation.
- The following lines of the docstring (_This API does not require any headers or authentication_.) are used as the description of the endpoint in the Swagger documentation.
- The final lines of the docstring (_The /health endpoint responds with a 200 HTTP status code when the service pod can receive requests_.___) are not used directly in the Swagger documentation, but they provide additional context and information about the endpoint that may be useful to users of the API.
## References
* https://fastapi.tiangolo.com/features/#based-on-open-standards
* https://fastapi.tiangolo.com/
* https://peps.python.org/pep-0257/#what-is-a-docstringJayesh BagulJayesh Bagulhttps://community.opengroup.org/osdu/platform/security-and-compliance/policy/-/merge_requests/336Draft: Update python test pipelines (GONRG-6963)2023-05-19T10:14:44ZAndrei Skorkin [EPAM / GCP]Draft: Update python test pipelines (GONRG-6963)