Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(release): prep work for 1.1.5-SNAPSHOT and dev #9218

Merged
merged 1 commit into from
Aug 20, 2024
Merged

chore(release): prep work for 1.1.5-SNAPSHOT and dev #9218

merged 1 commit into from
Aug 20, 2024

Conversation

moabu
Copy link
Member

@moabu moabu commented Aug 19, 2024

Prepare

This PR is to prepare for the release of 1.1.5

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@moabu
chore: release 1.1.5 SNAPSHOT
c5a0593 
Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Aug 19, 2024
edited
Loading

DryRun Security Summary

The provided code changes appear to be a series of routine updates and version bumps across various components of the Janssen project, primarily focusing on updating the versions of Helm charts, Docker image tags, and other metadata to align with a new release, version 1.1.5-dev, without introducing any obvious security vulnerabilities.

Expand for full summary

Summary:

The provided code changes appear to be a series of routine updates and version bumps across various components of the Janssen project. The changes primarily focus on updating the versions of Helm charts, Docker image tags, and other metadata to align with a new release, version 1.1.5-dev. While these changes do not introduce any obvious security vulnerabilities, it is important to review the specific details of the updates to ensure that there are no unintended security implications.

Key areas to focus on from a security perspective include:

  1. Dependency and Version Updates: Ensure that all updated dependencies and components are thoroughly tested and validated for security vulnerabilities before deployment.
  2. Sensitive Data Handling: Review the changes to configuration files and environment variables to verify that sensitive information, such as credentials and API keys, are properly secured and not exposed.
  3. Security-related Configurations: Examine any changes to security-related configurations, such as authentication, authorization, and network policies, to ensure they align with the application's security requirements.
  4. Secure Development Practices: Verify that the development and release processes for the Janssen project follow secure coding guidelines and include appropriate security testing and validation steps.

Overall, the changes in this pull request appear to be routine maintenance and version updates, but it is crucial to maintain a vigilant approach to reviewing all changes, even minor ones, to uphold the security and integrity of the Janssen application.

Files Changed:

  1. agama/pom.xml: Updates the project version and the minimum required Maven version.
  2. agama/transpiler/pom.xml: Updates the parent project version.
  3. charts/janssen-all-in-one/Chart.yaml: Updates the Docker image tag and version information for the Janssen All-in-One deployment.
  4. .github/workflows/build-docs.yml: Updates the default version for the documentation build workflow.
  5. charts/janssen-all-in-one/values.yaml: Updates the image tags for various Janssen services.
  6. charts/janssen-all-in-one/README.md: Updates the version information for the Janssen All-in-One deployment.
  7. charts/janssen/Chart.yaml: Updates the versions and image tags for various Janssen components.
  8. charts/janssen/charts/auth-server-key-rotation/Chart.yaml: Updates the version information for the auth-server-key-rotation chart.
  9. charts/janssen/charts/auth-server-key-rotation/README.md: Updates the version information for the auth-server-key-rotation chart.
  10. charts/janssen/charts/auth-server-key-rotation/values.yaml: Updates the image tag for the auth-server-key-rotation component.
  11. charts/janssen/charts/auth-server/Chart.yaml: Updates the version information for the auth-server chart.
  12. charts/janssen/charts/auth-server/README.md: Updates the version information for the auth-server chart.
  13. charts/janssen/charts/auth-server/values.yaml: Updates the image tag for the auth-server component.
  14. charts/janssen/charts/casa/Chart.yaml: Updates the version information for the casa chart.
  15. charts/janssen/charts/casa/README.md: Updates the version information for the casa chart.
  16. charts/janssen/charts/casa/values.yaml: Updates the image tag for the casa component.
  17. charts/janssen/charts/cn-istio-ingress/Chart.yaml: Updates the version information for the cn-istio-ingress chart.
  18. charts/janssen/charts/cn-istio-ingress/README.md: Updates the version information for the cn-istio-ingress chart.
  19. charts/janssen/charts/config-api/Chart.yaml: Updates the version information for the config-api chart.
  20. charts/janssen/charts/config-api/README.md: Updates the version information for the config-api chart.
  21. charts/janssen/charts/config-api/values.yaml: Updates the image tag for the config-api component.
  22. charts/janssen/charts/config/Chart.yaml: Updates the version information for the config chart.
  23. charts/janssen/charts/config/README.md: Updates the version information for the config chart.
  24. `charts/janssen/

Code Analysis

We ran 9 analyzers against 30 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 2 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@moabu moabu merged commit 8d4762c into main Aug 20, 2024
11 checks passed
@moabu moabu deleted the release-1.1.5-snapshot branch August 20, 2024 09:41
moabu added a commit to GluuFederation/flex that referenced this pull request Aug 23, 2024
@moabu
chore(release): prepare for 5.1.5 SNAPSHOT release triggered by Janss…
a6c7504 
…enProject/jans#9218

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
@moabu moabu mentioned this pull request Aug 23, 2024
Merged
moabu added a commit to GluuFederation/flex that referenced this pull request Aug 26, 2024
@moabu
chore(release): prepare for 5.1.5 SNAPSHOT release triggered by Janss…
a3f996e 
…enProject/jans#9218 (#1799)

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@moabu
chore(release): prep work for 1.1.5-SNAPSHOT and dev (#9218)
ce9b931 
chore: release 1.1.5 SNAPSHOT

Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
Former-commit-id: 8d4762c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iromli iromli iromli approved these changes

@yuriyz yuriyz yuriyz approved these changes

@jgomer2001 jgomer2001 jgomer2001 approved these changes

@duttarnab duttarnab Awaiting requested review from duttarnab duttarnab is a code owner

@maduvena maduvena Awaiting requested review from maduvena maduvena is a code owner

@yurem yurem Awaiting requested review from yurem yurem is a code owner

@mo-auto mo-auto Awaiting requested review from mo-auto mo-auto is a code owner

@devrimyatar devrimyatar Awaiting requested review from devrimyatar devrimyatar is a code owner

@yuriyzz yuriyzz Awaiting requested review from yuriyzz yuriyzz is a code owner

@pujavs pujavs Awaiting requested review from pujavs pujavs is a code owner

@yackermann yackermann Awaiting requested review from yackermann

@shekhar16 shekhar16 Awaiting requested review from shekhar16

@uprightech uprightech Awaiting requested review from uprightech uprightech is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@moabu @iromli @yuriyz @jgomer2001