Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(jans-cli-tui): deploy Agama Lab community projects #9370

Merged
merged 12 commits into from
Sep 10, 2024
Merged

feat(jans-cli-tui): deploy Agama Lab community projects #9370

merged 12 commits into from
Sep 10, 2024

Conversation

devrimyatar
Copy link
Contributor

@devrimyatar devrimyatar commented Sep 4, 2024
edited
Loading

closes #8785

  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs

@devrimyatar
feat(jans-cli-tui): deploy Agama Lab community projects
60d86af 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar added comp-jans-cli-tui Component affected by issue or PR kind-feature Issue or PR is a new feature request labels Sep 4, 2024
@devrimyatar devrimyatar marked this pull request as draft September 4, 2024 17:48
@dryrunsecurity DryRunSecurity
Copy link

dryrunsecurity bot commented Sep 4, 2024
edited
Loading

DryRun Security Summary

The provided code changes cover various aspects of the Jans CLI TUI application, including modifications to the UI components, Agama project management, and the Config API plugin, with a focus on improving functionality and user experience while addressing potential security-related considerations.

Expand for full summary

Summary:

The provided code changes cover various aspects of the Jans CLI TUI (Text-based User Interface) application, including modifications to the UI components, Agama project management, and the Config API plugin. While the changes are primarily focused on improving the functionality and user experience, there are several security-related considerations that should be addressed.

  1. UI Component Changes: The changes to the JansMessageDialog class in the jans-cli-tui/cli_tui/wui_components/jans_message_dialog.py file are generally well-designed, but it is important to ensure that all input validation, error handling, and secure handling of callbacks and modal dialogs are properly implemented to prevent potential security vulnerabilities.

  2. Agama Project Management: The changes to the Agama module in the jans-cli-tui/cli_tui/plugins/010_auth_server/agama.py file introduce new functionality for managing Agama projects, including the ability to add, view, and delete projects. These changes should be reviewed to ensure that the code properly validates and sanitizes user input, and that the temporary files and directories used during the process are properly cleaned up.

  3. Config API Plugin: The changes to the Config API plugin in the jans-cli-tui/cli_tui/plugins/140_config_api/main.py file involve the management of sensitive configuration options related to authentication, logging, and asset management. It is crucial to ensure that proper access control and input validation mechanisms are in place to protect the integrity and security of these settings.

Files Changed:

  1. jans-cli-tui/cli_tui/jans_cli_tui.py: The changes to the getButton function in this file are focused on improving the visual appearance of the buttons in the application and do not introduce any obvious security concerns.

  2. docs/admin/config-guide/auth-server-config/agama-project-configuration.md: The changes to this documentation file introduce new functionality for managing Agama projects, including the ability to list, add, view, edit, and delete projects. The documentation emphasizes the importance of using the appropriate command-line tools and REST API endpoints to maintain a secure and controlled environment for Agama project deployment and configuration.

  3. jans-cli-tui/cli_tui/plugins/010_auth_server/agama.py: The changes to this file introduce new functionality for managing Agama projects, including the ability to add projects from the file system or the Agama Lab community. The code should be reviewed to ensure that it properly validates and sanitizes user input, and that it is not vulnerable to any known vulnerabilities in the libraries and modules it uses.

  4. jans-cli-tui/cli_tui/wui_components/jans_message_dialog.py: The changes to this file introduce a new JansMessageDialog class that creates a dialog box with a title, body, and optional buttons. The code should be reviewed to ensure that it properly validates and sanitizes user input, and that it is not vulnerable to any known vulnerabilities in the prompt_toolkit library.

  5. jans-cli-tui/cli_tui/plugins/140_config_api/main.py: The changes to this file are focused on the configuration options and UI elements for the Config API functionality. The code should be reviewed to ensure that proper access control and input validation mechanisms are in place to protect the integrity and security of the sensitive configuration settings.

Code Analysis

We ran 9 analyzers against 8 files and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

devrimyatar and others added 8 commits September 4, 2024 20:48
@devrimyatar
Merge branch 'main' into jans-cli-tui-agama-online-deployment-8785
cabcef5
@devrimyatar
fix(jans-cli-tui): typo
88c23d1 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
fix(jans-cli-tui): typo
b22c9f1 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
feat(jans-cli-tui): display agama project url after deployment
72165e8 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
fix(jans-cli-tui): rename agama upload project button
4c2a6c3 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
fix(jans-cli-tui): typo
325295a 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
fix(jans-cli-tui): typo
17f5a01 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar
chore(jans-cli-tui): agama display options in dialog
0c9f11a 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@ossdhaval
Copy link
Contributor

Adding documentation label as this would require documentation update as well.

One possible location for update is here. The developer needs to search relevant documentation with keywords related to the change to find if there are more places where the update is needed.

@ossdhaval ossdhaval added the area-documentation Documentation needs to change as part of issue or PR label Sep 9, 2024
@devrimyatar devrimyatar marked this pull request as ready for review September 10, 2024 09:48
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-cli'

Issues
3 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-core'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-config-api-parent'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'Jans-Keycloak-Link'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-pycloudlib'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'Fido2 API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'SCIM API'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@yuriyz yuriyz enabled auto-merge (squash) September 10, 2024 12:37
@yuriyz yuriyz merged commit adfd926 into main Sep 10, 2024
1 check passed
@yuriyz yuriyz deleted the jans-cli-tui-agama-online-deployment-8785 branch September 10, 2024 12:38
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@devrimyatar
feat(jans-cli-tui): deploy Agama Lab community projects (#9370)
02b61d1 
* feat(jans-cli-tui): deploy Agama Lab community projects

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): typo

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): typo

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* feat(jans-cli-tui): display agama project url after deployment

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): rename agama upload project button

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): typo

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* fix(jans-cli-tui): typo

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* chore(jans-cli-tui): agama display options in dialog

Signed-off-by: Mustafa Baser <mbaser@mail.com>

* docs(jans-cli-tui): update agama deployment docs for online deployment

Signed-off-by: Mustafa Baser <mbaser@mail.com>

---------

Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: adfd926
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ossdhaval ossdhaval ossdhaval approved these changes

@yuriyz yuriyz yuriyz approved these changes

Assignees

@devrimyatar devrimyatar

Labels
area-documentation Documentation needs to change as part of issue or PR comp-jans-cli-tui Component affected by issue or PR kind-feature Issue or PR is a new feature request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat(jans-cli-tui): allow users to install Agama Lab community projects from TUI
3 participants
@devrimyatar @ossdhaval @yuriyz