Partition merge requestshttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests2020-11-20T00:31:43Zhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/22WIP: Update .gitlab-ci.yml to use patch-3 of pipeline.2020-11-20T00:31:43ZHema Vishnu Pola [Microsoft]WIP: Update .gitlab-ci.yml to use patch-3 of pipeline.Verifying k8 rollout status command.Verifying k8 rollout status command.https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/30WIP: Fixing ADO pipeline to only build azure provider code2021-04-26T15:55:20ZJasonWIP: Fixing ADO pipeline to only build azure provider codeCurrently azure pipeline is passing in the option "-P \[service_name\]-azure" when building the provider code and "-P \[service_name\]-core" when building the core code. The -P flag is meant to indicate what profile to activate. Instead,...Currently azure pipeline is passing in the option "-P \[service_name\]-azure" when building the provider code and "-P \[service_name\]-core" when building the core code. The -P flag is meant to indicate what profile to activate. Instead, we want to be using the -pl argument, which indicates which modules should be built. This will ensure that we are only building Azure code and only caching Azure dependencies.JasonJasonhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/486WIP AWS - Merge from dev2023-11-27T19:21:38ZGuillaume CailletWIP AWS - Merge from devMostly AWS change.
The only common change is an upgrade on the `spring-webmvc` and `openapi` version to fix some CVEs.
Remaining changes:
- Add/update missing License headers on AWS files
- Upgrade several libraries used in AWS to solve...Mostly AWS change.
The only common change is an upgrade on the `spring-webmvc` and `openapi` version to fix some CVEs.
Remaining changes:
- Add/update missing License headers on AWS files
- Upgrade several libraries used in AWS to solve CVE
- Add additional AWS integration testsM22 - Release 0.25Guillaume CailletGuillaume Caillethttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/121Vuln fix netty codec2022-01-10T07:25:44ZGokul NagareVuln fix netty codecAnuj GuptaShrikant GargAnuj Guptahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/125Vuln Fix for log4j2021-12-17T04:30:46ZMayank Saggar [Microsoft]Vuln Fix for log4jUpdating the core-lib and Core-common versions in provide-azure pom files which have the Log4J Versions without vulnerability.Updating the core-lib and Core-common versions in provide-azure pom files which have the Log4J Versions without vulnerability.Mayank Saggar [Microsoft]Mayank Saggar [Microsoft]https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/365Vulnerability fix for IBM2023-03-31T07:41:20ZDevdatta SantraVulnerability fix for IBMVulnerability fix for IBM for netty, tomcat and jackson libs
| CVE-2022-42003 | https://nvd.nist.gov/vuln/detail/CVE-2022-42003 |
|----------------|-------------------------------------------------|
| CVE-2022-45143 | https://nvd.nist.g...Vulnerability fix for IBM for netty, tomcat and jackson libs
| CVE-2022-42003 | https://nvd.nist.gov/vuln/detail/CVE-2022-42003 |
|----------------|-------------------------------------------------|
| CVE-2022-45143 | https://nvd.nist.gov/vuln/detail/CVE-2022-45143 |
| CVE-2022-41881 | https://nvd.nist.gov/vuln/detail/CVE-2022-41881 |M17 - Release 0.20Devdatta SantraDevdatta Santrahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/406vulnerability fix2023-06-19T07:31:07ZKamalika Sahavulnerability fixKamalika SahaKamalika Sahahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/345Vul fix ibm partition service2023-03-30T08:07:18ZPintu GuptaVul fix ibm partition servicecve
link
CVE-2022-25857
https://nvd.nist.gov/vuln/detail/CVE-2022-25857
CVE-2022-23181
https://nvd.nist.gov/vuln/detail/CVE-2022-23181
CVE-2022-42252
https://nvd.nist.gov/vuln/detail/CVE-2022-42252
PRISMA-2022-0239
https://gith...cve
link
CVE-2022-25857
https://nvd.nist.gov/vuln/detail/CVE-2022-25857
CVE-2022-23181
https://nvd.nist.gov/vuln/detail/CVE-2022-23181
CVE-2022-42252
https://nvd.nist.gov/vuln/detail/CVE-2022-42252
PRISMA-2022-0239
https://github.com/square/okhttp/issues/6738
CVE-2022-22965
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
CVE-2022-42003
https://nvd.nist.gov/vuln/detail/CVE-2022-42003
CVE-2022-42004
https://nvd.nist.gov/vuln/detail/CVE-2022-42004M16 - Release 0.19Pintu GuptaPintu Guptahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/262Versioning helm chart2022-09-06T22:04:14ZMarc Burnie [AWS]Versioning helm chartM14 - Release 0.17Marc Burnie [AWS]Okoun-Ola Fabien HouetoGustavo UrdanetaMarc Burnie [AWS]https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/519Version Bumps2024-02-26T01:39:15ZDaniel SchollVersion BumpsThis MR bumps versions.This MR bumps versions.Daniel SchollDaniel Schollhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/83Using Istio auth in Partition Service2023-08-18T15:32:44ZVibhuti Sharma [Microsoft]Using Istio auth in Partition ServiceFor partition service to authenticate managed identity, we are enabling it to use istio rules like other services. However, partition service only authorizes token of type service principal, not user or guest. To make sure this behavior ...For partition service to authenticate managed identity, we are enabling it to use istio rules like other services. However, partition service only authorizes token of type service principal, not user or guest. To make sure this behavior is not affected, a filter is added which sets the authentication context. This context is retrieved by the AuthorizationService to check the user type.
A check is also added on the issuer, to make sure only issuer with v1 or v2 aad url is accepted.
Testing
* Tested locally by passing different claims values in "x-payload" header and seeing response as expected.M8 - Release 0.11Vibhuti Sharma [Microsoft]Vibhuti Sharma [Microsoft]https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/6Use partition branch for CI2020-09-17T14:25:39ZVasyl Leskiv [SLB]Use partition branch for CIashley kelhamashley kelhamhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/92Use Non Snapshot version2023-08-18T15:32:34ZKrishna Nikhil VedurumudiUse Non Snapshot versionM9 - Release 0.12https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/57Use namespace defaults for resource limits2023-08-18T15:33:14ZKrishna Nikhil VedurumudiUse namespace defaults for resource limitsM7 - Release 0.10https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/195Use MongoPropertiesReader from os-core-lib-aws and add maxIdelTimeMS setting2022-05-26T19:00:27ZYifei XuUse MongoPropertiesReader from os-core-lib-aws and add maxIdelTimeMS settingM12 - Release 0.15JoeYifei XuOkoun-Ola Fabien HouetoJoehttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/135upgrading to swagger 32022-09-16T08:32:46ZAman Vermaupgrading to swagger 3Find more details in the issue: https://community.opengroup.org/osdu/platform/system/file/-/issues/48
Reference MR: https://community.opengroup.org/osdu/platform/system/file/-/merge_requests/212Find more details in the issue: https://community.opengroup.org/osdu/platform/system/file/-/issues/48
Reference MR: https://community.opengroup.org/osdu/platform/system/file/-/merge_requests/212M10 - Release 0.13Aman VermaAman Vermahttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/295upgrading spring-data-commons version2022-11-16T05:48:06ZAshwani Pandeyupgrading spring-data-commons versionupgrading spring-data-commons version into IBM pom.xml to fix IBM pipeline in below MR:
https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/285.upgrading spring-data-commons version into IBM pom.xml to fix IBM pipeline in below MR:
https://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/285.M15 - Release 0.18Mykyta SavchukMykyta Savchukhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/303Upgrading partition service2022-12-12T05:23:38ZNishant VidyasagarUpgrading partition serviceNishant VidyasagarNishant Vidyasagarhttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/127Upgrading library versions to incorporate the latest Log4j fix2023-08-18T15:31:59ZDavid Diederichd.diederich@opengroup.orgUpgrading library versions to incorporate the latest Log4j fixThese updates apply version 2.17, addressing CVE-2021-45105
Part of the #25 seriesThese updates apply version 2.17, addressing CVE-2021-45105
Part of the #25 seriesM10 - Release 0.13David Diederichd.diederich@opengroup.orgDavid Diederichd.diederich@opengroup.orghttps://community.opengroup.org/osdu/platform/system/partition/-/merge_requests/304upgrading corelib azure for partition service2023-05-13T05:03:42ZNishant Vidyasagarupgrading corelib azure for partition serviceNishant VidyasagarNishant Vidyasagar