Skip to content

Commit f5387c9

Browse files
vikramdevtronayu-devtrongireesh-naiduShivam-nagar23prakash100198
authored
misc: Release candidate v0.19.0 (#5930)
* added config sql script (#5681) * feat: CVE severity categorisation and scan result listing API enhancements (#5617) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * fix: update script numbers * fix: minor fix * feat: casbin deny policy sql scripts (#5677) * system controller scripts * script additions * sql cript update * sql script number chnage * feat: Config diff phase 2 oss (#5488) * story(configDiffView) : open api spec * story(configDiffView) : open api spec updated * story(configDiffView) : open api spec updated for error state * story(configDiffView) : WIP * story(configDiffView) : WIP "some code changed" * story(configDiffView) : support for names added * story(configDiffView) : iota removed * story(configDiffView) : pg no rows handled * story(configDiffView) : spelling check * story(configDiffView) : code review comment resolved * story(configDiffView) : env id added * story(configDiffView) : intersection added * story(configDiffView) : comments removed * story(configDiffView) : code review comment resolved * story(configDiffView) : comment removed * story(configDiffView) : CMCSNames DTO moved * story(configDiffView) : null case handled * story(configDiffView) : logger added * story(configDiffView) : code refactored * story(configDiffView) : code refactored v2 * story(configDiffView) : spec updated * story(configDiffView) : code refactored * story(configDiffView) : config names * main sync * overridden and global flag introduced in config diff autocomplete api * ent sync * get config data in resthandler * new api for showing all config data in config/data :- Service func -> GetAllConfigData * using a single key instead of global and overridden key in config/autocomplete api * ConfigState made string instead of int * not sending inheriting in case base config * code review comment incorporation * ent sync * code review comment incorp -1 * code review comment incorp -2 * code review comment incorp -3 * small fix in plugin * migration number changes (#5692) * main sync * minor fix * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * scipt number change --------- Co-authored-by: adi6859 <[email protected]> Co-authored-by: Vikram Singh <[email protected]> * fix: Helm apps entries in Ea mode (#5652) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * executed make after merging with develop branch * feat: refactoring deployment app name usage (#5702) * removing hard coded deployment app name * removing %s-%s usage * wip: query change for enterprise * wip * wip * wip * adding release mode in deployment config * wip: release changes * left join on pco and artifact * handling empty release mode - backward compatibility * fixing panic * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * migration updated * main merge and migration script updated * wip * review changes * fix sql no --------- Co-authored-by: Prakash <[email protected]> * migration syn with ent (#5719) * fix: group image vulnerabilities by base/os image (#5680) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * feat: storing target,class and type values in imageScanExecutionResults * feat: add sql script * feat: add sql script * fix: add new columns * fix: update script numbers * fix: correct down script * fix: minor fix * chore: script number update * fix: remove sql script (#5727) * Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733) This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127. * chore: custom argo-workflow dependency (#5731) * bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10 * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * reverted main branch changes * reverted main branch changes --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * chore: fix go.sum file (#5734) * misc: Main sync develop (#5737) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * chore: sql scripts sync (#5763) * fix: Scan tool migration fix develop (#5773) * scan tool active check removed * query fix * chore: Oss sync 2 sept 2024 oss (#5779) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * doc: Edit Deployment Chart Schema (#5735) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * doc: Redirection of old entry in gitbook.yaml (#5738) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * Redirected Old Entry * docs: added Documentation for Air-Gapped Installation (#5360) * added docs for air-gapped-installation * added all the images in 7.0.0 * modified yq command in the docs * added an entry in summary.md * added installation commands * modified statements * modified variable name * added steps to navigation * added the latest oss chart images * added a note for docker * Added Intro + Proofreading + Structuring * Other fixes * Lang fix * added docs for ea-mode only * modified lang * Update install-devtron-in-airgapped-environment.md Changed h3 header to fit the ToC on the RHS * added changes * modified changes --------- Co-authored-by: Badal Kumar Prusty <[email protected]> Co-authored-by: ashokdevtron <[email protected]> * feat: Env description handling (#5744) * env description handling added * license handling * misc: Main sync rc - branch update (#5753) * added config sql script (#5681) * feat: CVE severity categorisation and scan result listing API enhancements (#5617) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * fix: update script numbers * fix: minor fix * feat: casbin deny policy sql scripts (#5677) * system controller scripts * script additions * sql cript update * sql script number chnage * feat: Config diff phase 2 oss (#5488) * story(configDiffView) : open api spec * story(configDiffView) : open api spec updated * story(configDiffView) : open api spec updated for error state * story(configDiffView) : WIP * story(configDiffView) : WIP "some code changed" * story(configDiffView) : support for names added * story(configDiffView) : iota removed * story(configDiffView) : pg no rows handled * story(configDiffView) : spelling check * story(configDiffView) : code review comment resolved * story(configDiffView) : env id added * story(configDiffView) : intersection added * story(configDiffView) : comments removed * story(configDiffView) : code review comment resolved * story(configDiffView) : comment removed * story(configDiffView) : CMCSNames DTO moved * story(configDiffView) : null case handled * story(configDiffView) : logger added * story(configDiffView) : code refactored * story(configDiffView) : code refactored v2 * story(configDiffView) : spec updated * story(configDiffView) : code refactored * story(configDiffView) : config names * main sync * overridden and global flag introduced in config diff autocomplete api * ent sync * get config data in resthandler * new api for showing all config data in config/data :- Service func -> GetAllConfigData * using a single key instead of global and overridden key in config/autocomplete api * ConfigState made string instead of int * not sending inheriting in case base config * code review comment incorporation * ent sync * code review comment incorp -1 * code review comment incorp -2 * code review comment incorp -3 * small fix in plugin * migration number changes (#5692) * main sync * minor fix * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * scipt number change --------- Co-authored-by: adi6859 <[email protected]> Co-authored-by: Vikram Singh <[email protected]> * fix: Helm apps entries in Ea mode (#5652) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * executed make after merging with develop branch * feat: refactoring deployment app name usage (#5702) * removing hard coded deployment app name * removing %s-%s usage * wip: query change for enterprise * wip * wip * wip * adding release mode in deployment config * wip: release changes * left join on pco and artifact * handling empty release mode - backward compatibility * fixing panic * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * migration updated * main merge and migration script updated * wip * review changes * fix sql no --------- Co-authored-by: Prakash <[email protected]> * migration syn with ent (#5719) * fix: group image vulnerabilities by base/os image (#5680) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * feat: storing target,class and type values in imageScanExecutionResults * feat: add sql script * feat: add sql script * fix: add new columns * fix: update script numbers * fix: correct down script * fix: minor fix * chore: script number update * fix: remove sql script (#5727) * Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733) This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127. * chore: custom argo-workflow dependency (#5731) * bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10 * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * reverted main branch changes * reverted main branch changes --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * chore: fix go.sum file (#5734) * misc: Main sync develop (#5737) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * fix: Validate config cm cs (#5750) * validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate * checkIfConfigDataAlreadyExist --------- Co-authored-by: ayu-devtron <[email protected]> Co-authored-by: Vikram Singh <[email protected]> Co-authored-by: Gireesh Naidu <[email protected]> Co-authored-by: Shivam Nagar <[email protected]> Co-authored-by: Prakash <[email protected]> Co-authored-by: adi6859 <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: iamayushm <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> Co-authored-by: Asutosh Das <[email protected]> Co-authored-by: Vikram <[email protected]> Co-authored-by: Prakarsh <[email protected]> * doc: Update prerequisites of code-scan (#5625) * Update prerequisites of code-scan * Hyperlinked the Vulnerability scanning doc --------- Co-authored-by: ashokdevtron <[email protected]> * fix: ci patch rbac for branch update (#5759) * feat: Added basic auth support for servicemonitor (#5761) * Added support for basic auth in servicemonitor * Added support for namespace selector and custom matchLabels * Fixed indentations * fix: Bitnami chart repo tls issue (#5740) * bitnami_chart_fix * Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql * Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql --------- Co-authored-by: Pawan Mehta <[email protected]> * doc: Cosign plugin doc (#5665) * doc for cosign plugin * edits in task name * updates in intro and other fixes. * Attached link to Cosign GitHub repo * Hyperlink fixes --------- Co-authored-by: ashokdevtron <[email protected]> * fix: check rbac on env if envName is present (#5765) * admin check fix in config draft * minor fix * doc: CraneCopy plugin doc (#5658) * doc for * edits in task name * spelling correction * Updated password --------- Co-authored-by: ashokdevtron <[email protected]> * doc: Devtron CD Trigger Plugin doc (#5747) * devtron-cd-trigger plugin doc * minor update * Proofreading done * Update devtron-cd-trigger.md * Removed unwanted phrase * Changed wording * Changed plurality * Updated devtron token --------- Co-authored-by: ashokdevtron <[email protected]> * doc: DockerSlim plugin doc (#5660) * doc for DockerSlim plugin * Updated Docker-Slim to DockerSlim * Minor fixes * url update * Fixes in url --------- Co-authored-by: ashokdevtron <[email protected]> * doc: Devtron Job Trigger Plugin doc (#5742) * devtron-job-trigger plugin doc * summary updated * Updated input variable description * token value updated --------- Co-authored-by: ashokdevtron <[email protected]> * fix: scan tool active check removed (#5771) * scan tool active check removed * query fix * feat: Docker pull env driven (#5767) * useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API * UseAppDockerConfigForPrivateRegistries in workflow request * revert * revert * fix: panic handlings and argocd app delete stuck in partial stage (#5770) * fix: panic handlings * fix: false positive matrics on gitOps failures * fix: for GetConfigForHelmApps err: pg no row * feat: plugin creation support (#5630) * wip: new plugin creation api and min plugin api with only shared plugin list * wip: create new plugin version code * wip:plugin type SHARED by default * wip:find plugin either by identifier or by id while creating a new version of existing plugin * wip: create new plugin tag logic improved * wip: optimize GetAllFilteredPluginParentMetadata query * wip: create plugin tag new flow * wip: minor fix * wip: minor fix * wip: minor fix * wip: newTagsPresent -> areNewTagsPresent * wip: icon is not mandatory code incorporated * wip:minor refactoring * wip: prevent duplicate version from being created and save tags relation only when * wip: minor fix * wip: details api, get all plugin data or non * wip: code review incorp part -1 * wip: code review incorp part -2 * wip: code review incorp part -3 * wip: remove code duplication * wip: hardcode isExposed to true * wip: hardcode StepType= inline * wip: set default VariableStepIndex= 1 * Revert "feat: plugin creation support (#5630)" (#5778) This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65. * script no. fix --------- Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> Co-authored-by: ashokdevtron <[email protected]> Co-authored-by: Badal Kumar <[email protected]> Co-authored-by: Badal Kumar Prusty <[email protected]> Co-authored-by: kripanshdevtron <[email protected]> Co-authored-by: kartik-579 <[email protected]> Co-authored-by: ayu-devtron <[email protected]> Co-authored-by: Vikram Singh <[email protected]> Co-authored-by: Gireesh Naidu <[email protected]> Co-authored-by: Shivam Nagar <[email protected]> Co-authored-by: adi6859 <[email protected]> Co-authored-by: iamayushm <[email protected]> Co-authored-by: Asutosh Das <[email protected]> Co-authored-by: Vikram <[email protected]> Co-authored-by: Prakarsh <[email protected]> Co-authored-by: Bhushan Nemade <[email protected]> Co-authored-by: Pawan Mehta <[email protected]> Co-authored-by: akshatsinha007 <[email protected]> * chore: plugin creation oss (#5780) * wip: new plugin creation api and min plugin api with only shared plugin list * wip: create new plugin version code * wip:plugin type SHARED by default * wip:find plugin either by identifier or by id while creating a new version of existing plugin * wip: create new plugin tag logic improved * wip: optimize GetAllFilteredPluginParentMetadata query * wip: create plugin tag new flow * wip: minor fix * wip: minor fix * wip: minor fix * wip: newTagsPresent -> areNewTagsPresent * wip: icon is not mandatory code incorporated * wip:minor refactoring * wip: prevent duplicate version from being created and save tags relation only when * wip: minor fix * wip: details api, get all plugin data or non * wip: code review incorp part -1 * wip: code review incorp part -2 * wip: code review incorp part -3 * wip: remove code duplication * wip: hardcode isExposed to true * wip: hardcode StepType= inline * wip: set default VariableStepIndex= 1 * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * doc: Edit Deployment Chart Schema (#5735) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * doc: Redirection of old entry in gitbook.yaml (#5738) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * Redirected Old Entry * docs: added Documentation for Air-Gapped Installation (#5360) * added docs for air-gapped-installation * added all the images in 7.0.0 * modified yq command in the docs * added an entry in summary.md * added installation commands * modified statements * modified variable name * added steps to navigation * added the latest oss chart images * added a note for docker * Added Intro + Proofreading + Structuring * Other fixes * Lang fix * added docs for ea-mode only * modified lang * Update install-devtron-in-airgapped-environment.md Changed h3 header to fit the ToC on the RHS * added changes * modified changes --------- Co-authored-by: Badal Kumar Prusty <[email protected]> Co-authored-by: ashokdevtron <[email protected]> * feat: Env description handling (#5744) * env description handling added * license handling * misc: Main sync rc - branch update (#5753) * added config sql script (#5681) * feat: CVE severity categorisation and scan result listing API enhancements (#5617) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * fix: update script numbers * fix: minor fix * feat: casbin deny policy sql scripts (#5677) * system controller scripts * script additions * sql cript update * sql script number chnage * feat: Config diff phase 2 oss (#5488) * story(configDiffView) : open api spec * story(configDiffView) : open api spec updated * story(configDiffView) : open api spec updated for error state * story(configDiffView) : WIP * story(configDiffView) : WIP "some code changed" * story(configDiffView) : support for names added * story(configDiffView) : iota removed * story(configDiffView) : pg no rows handled * story(configDiffView) : spelling check * story(configDiffView) : code review comment resolved * story(configDiffView) : env id added * story(configDiffView) : intersection added * story(configDiffView) : comments removed * story(configDiffView) : code review comment resolved * story(configDiffView) : comment removed * story(configDiffView) : CMCSNames DTO moved * story(configDiffView) : null case handled * story(configDiffView) : logger added * story(configDiffView) : code refactored * story(configDiffView) : code refactored v2 * story(configDiffView) : spec updated * story(configDiffView) : code refactored * story(configDiffView) : config names * main sync * overridden and global flag introduced in config diff autocomplete api * ent sync * get config data in resthandler * new api for showing all config data in config/data :- Service func -> GetAllConfigData * using a single key instead of global and overridden key in config/autocomplete api * ConfigState made string instead of int * not sending inheriting in case base config * code review comment incorporation * ent sync * code review comment incorp -1 * code review comment incorp -2 * code review comment incorp -3 * small fix in plugin * migration number changes (#5692) * main sync * minor fix * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * scipt number change --------- Co-authored-by: adi6859 <[email protected]> Co-authored-by: Vikram Singh <[email protected]> * fix: Helm apps entries in Ea mode (#5652) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * executed make after merging with develop branch * feat: refactoring deployment app name usage (#5702) * removing hard coded deployment app name * removing %s-%s usage * wip: query change for enterprise * wip * wip * wip * adding release mode in deployment config * wip: release changes * left join on pco and artifact * handling empty release mode - backward compatibility * fixing panic * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * migration updated * main merge and migration script updated * wip * review changes * fix sql no --------- Co-authored-by: Prakash <[email protected]> * migration syn with ent (#5719) * fix: group image vulnerabilities by base/os image (#5680) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * feat: storing target,class and type values in imageScanExecutionResults * feat: add sql script * feat: add sql script * fix: add new columns * fix: update script numbers * fix: correct down script * fix: minor fix * chore: script number update * fix: remove sql script (#5727) * Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733) This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127. * chore: custom argo-workflow dependency (#5731) * bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10 * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * reverted main branch changes * reverted main branch changes --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * chore: fix go.sum file (#5734) * misc: Main sync develop (#5737) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * fix: Validate config cm cs (#5750) * validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate * checkIfConfigDataAlreadyExist --------- Co-authored-by: ayu-devtron <[email protected]> Co-authored-by: Vikram Singh <[email protected]> Co-authored-by: Gireesh Naidu <[email protected]> Co-authored-by: Shivam Nagar <[email protected]> Co-authored-by: Prakash <[email protected]> Co-authored-by: adi6859 <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: iamayushm <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> Co-authored-by: Asutosh Das <[email protected]> Co-authored-by: Vikram <[email protected]> Co-authored-by: Prakarsh <[email protected]> * doc: Update prerequisites of code-scan (#5625) * Update prerequisites of code-scan * Hyperlinked the Vulnerability scanning doc --------- Co-authored-by: ashokdevtron <[email protected]> * fix: ci patch rbac for branch update (#5759) * feat: Added basic auth support for servicemonitor (#5761) * Added support for basic auth in servicemonitor * Added support for namespace selector and custom matchLabels * Fixed indentations * fix: Bitnami chart repo tls issue (#5740) * bitnami_chart_fix * Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql * Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql --------- Co-authored-by: Pawan Mehta <[email protected]> * doc: Cosign plugin doc (#5665) * doc for cosign plugin * edits in task name * updates in intro and other fixes. * Attached link to Cosign GitHub repo * Hyperlink fixes --------- Co-authored-by: ashokdevtron <[email protected]> * fix: check rbac on env if envName is present (#5765) * admin check fix in config draft * minor fix * doc: CraneCopy plugin doc (#5658) * doc for * edits in task name * spelling correction * Updated password --------- Co-authored-by: ashokdevtron <[email protected]> * doc: Devtron CD Trigger Plugin doc (#5747) * devtron-cd-trigger plugin doc * minor update * Proofreading done * Update devtron-cd-trigger.md * Removed unwanted phrase * Changed wording * Changed plurality * Updated devtron token --------- Co-authored-by: ashokdevtron <[email protected]> * doc: DockerSlim plugin doc (#5660) * doc for DockerSlim plugin * Updated Docker-Slim to DockerSlim * Minor fixes * url update * Fixes in url --------- Co-authored-by: ashokdevtron <[email protected]> * doc: Devtron Job Trigger Plugin doc (#5742) * devtron-job-trigger plugin doc * summary updated * Updated input variable description * token value updated --------- Co-authored-by: ashokdevtron <[email protected]> * fix: scan tool active check removed (#5771) * scan tool active check removed * query fix * feat: Docker pull env driven (#5767) * useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API * UseAppDockerConfigForPrivateRegistries in workflow request * revert * revert * fix: panic handlings and argocd app delete stuck in partial stage (#5770) * fix: panic handlings * fix: false positive matrics on gitOps failures * fix: for GetConfigForHelmApps err: pg no row * feat: plugin creation support (#5630) * wip: new plugin creation api and min plugin api with only shared plugin list * wip: create new plugin version code * wip:plugin type SHARED by default * wip:find plugin either by identifier or by id while creating a new version of existing plugin * wip: create new plugin tag logic improved * wip: optimize GetAllFilteredPluginParentMetadata query * wip: create plugin tag new flow * wip: minor fix * wip: minor fix * wip: minor fix * wip: newTagsPresent -> areNewTagsPresent * wip: icon is not mandatory code incorporated * wip:minor refactoring * wip: prevent duplicate version from being created and save tags relation only when * wip: minor fix * wip: details api, get all plugin data or non * wip: code review incorp part -1 * wip: code review incorp part -2 * wip: code review incorp part -3 * wip: remove code duplication * wip: hardcode isExposed to true * wip: hardcode StepType= inline * wip: set default VariableStepIndex= 1 * Revert "feat: plugin creation support (#5630)" (#5778) This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65. --------- Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> Co-authored-by: ashokdevtron <[email protected]> Co-authored-by: Badal Kumar <[email protected]> Co-authored-by: Badal Kumar Prusty <[email protected]> Co-authored-by: kripanshdevtron <[email protected]> Co-authored-by: kartik-579 <[email protected]> Co-authored-by: ayu-devtron <[email protected]> Co-authored-by: Vikram Singh <[email protected]> Co-authored-by: Gireesh Naidu <[email protected]> Co-authored-by: Shivam Nagar <[email protected]> Co-authored-by: adi6859 <[email protected]> Co-authored-by: iamayushm <[email protected]> Co-authored-by: Asutosh Das <[email protected]> Co-authored-by: Vikram <[email protected]> Co-authored-by: Prakarsh <[email protected]> Co-authored-by: Bhushan Nemade <[email protected]> Co-authored-by: Pawan Mehta <[email protected]> Co-authored-by: akshatsinha007 <[email protected]> * fix: Sql injection fix develop (#5785) * sql injection fixes * query param init fix * feat: add support for tag name for external CI (#5689) * remove validation that url exists in external artifact * handle docker tag name regex validation * sync with enterprise * sync with enterprise * added validation for external ci tag name * fix log * mark deployment aborted if validation fails * digest validation added * fix typo * common lib update --------- Co-authored-by: prakhar katiyar <[email protected]> * argo-assets moved out (#5788) * query param split (#5801) (#5803) * feat: acr polling plugin support (#5724) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * chore: polling plugin refactored * chore: refactored method name * update polling plugin response struct * updated migration number * updated polling plugin image * updated polling plugin migration script * fix: same digest for different image issue * fix: plugin migration handling * updated polling plugin migration script * updated migration number * fix: empty artifact issue * chore: polling plugin migration prod-image updated * updated common-lib version --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> * fix: build failed due to argo assets (#5805) * handled the release not found case for app detail of external app (#5791) Co-authored-by: Rajeev Ranjan<[email protected]> * chore: Main develop sync bd5118 (#5817) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * doc: Edit Deployment Chart Schema (#5735) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * doc: Redirection of old entry in gitbook.yaml (#5738) * Edit Deployment Chart Schema * Fixes * PM + CO Feedback Incorporated * Redirected Old Entry * docs: added Documentation for Air-Gapped Installation (#5360) * added docs for air-gapped-installation * added all the images in 7.0.0 * modified yq command in the docs * added an entry in summary.md * added installation commands * modified statements * modified variable name * added steps to navigation * added the latest oss chart images * added a note for docker * Added Intro + Proofreading + Structuring * Other fixes * Lang fix * added docs for ea-mode only * modified lang * Update install-devtron-in-airgapped-environment.md Changed h3 header to fit the ToC on the RHS * added changes * modified changes --------- Co-authored-by: Badal Kumar Prusty <[email protected]> Co-authored-by: ashokdevtron <[email protected]> * feat: Env description handling (#5744) * env description handling added * license handling * misc: Main sync rc - branch update (#5753) * added config sql script (#5681) * feat: CVE severity categorisation and scan result listing API enhancements (#5617) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * fix: update script numbers * fix: minor fix * feat: casbin deny policy sql scripts (#5677) * system controller scripts * script additions * sql cript update * sql script number chnage * feat: Config diff phase 2 oss (#5488) * story(configDiffView) : open api spec * story(configDiffView) : open api spec updated * story(configDiffView) : open api spec updated for error state * story(configDiffView) : WIP * story(configDiffView) : WIP "some code changed" * story(configDiffView) : support for names added * story(configDiffView) : iota removed * story(configDiffView) : pg no rows handled * story(configDiffView) : spelling check * story(configDiffView) : code review comment resolved * story(configDiffView) : env id added * story(configDiffView) : intersection added * story(configDiffView) : comments removed * story(configDiffView) : code review comment resolved * story(configDiffView) : comment removed * story(configDiffView) : CMCSNames DTO moved * story(configDiffView) : null case handled * story(configDiffView) : logger added * story(configDiffView) : code refactored * story(configDiffView) : code refactored v2 * story(configDiffView) : spec updated * story(configDiffView) : code refactored * story(configDiffView) : config names * main sync * overridden and global flag introduced in config diff autocomplete api * ent sync * get config data in resthandler * new api for showing all config data in config/data :- Service func -> GetAllConfigData * using a single key instead of global and overridden key in config/autocomplete api * ConfigState made string instead of int * not sending inheriting in case base config * code review comment incorporation * ent sync * code review comment incorp -1 * code review comment incorp -2 * code review comment incorp -3 * small fix in plugin * migration number changes (#5692) * main sync * minor fix * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * scipt number change --------- Co-authored-by: adi6859 <[email protected]> Co-authored-by: Vikram Singh <[email protected]> * fix: Helm apps entries in Ea mode (#5652) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * executed make after merging with develop branch * feat: refactoring deployment app name usage (#5702) * removing hard coded deployment app name * removing %s-%s usage * wip: query change for enterprise * wip * wip * wip * adding release mode in deployment config * wip: release changes * left join on pco and artifact * handling empty release mode - backward compatibility * fixing panic * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * migration updated * main merge and migration script updated * wip * review changes * fix sql no --------- Co-authored-by: Prakash <[email protected]> * migration syn with ent (#5719) * fix: group image vulnerabilities by base/os image (#5680) * feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support * fix: query fix for appName sort or envName sort * fix: sql script number change * fix: minor changes * fix: review fix * fix: remove dml on cve_store and handle it in code handling this versioning * fix: review comments * feat: storing target,class and type values in imageScanExecutionResults * feat: add sql script * feat: add sql script * fix: add new columns * fix: update script numbers * fix: correct down script * fix: minor fix * chore: script number update * fix: remove sql script (#5727) * Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733) This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127. * chore: custom argo-workflow dependency (#5731) * bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10 * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) * reverted main branch changes * reverted main branch changes --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * chore: fix go.sum file (#5734) * misc: Main sync develop (#5737) * migration number changes (#5692) * refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696) * fix: Decode secret fix on add update oss (#5695) * ValidateEncodedDataByDecoding in case add or update secret * wire fix from main * minor refactor * comment * saving pco concurrency case handled (#5688) * fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701) * script for pipelineStageStepVariable, making input value and default_value text from varchar255 * erro log fix * fix: ea fixes for helm app (#5708) * added the ea apps entry app table * resolved the ea mode multiple rows error during configuration of app * modified the ea dockerfile in ca-certificates cmd * uncommented the code and left the ea helm app making way untouched * remodified the dockerfile as previous state * modified the docker file ea mode * dockerfile exit code 100 due to ap install alternative in ea mode dockerfile * execute make after main merge * modified changes in dockerfile ea mode * resolved comments after first level review * Revert "fix: ea fixes for helm app (#5708)" (#5713) This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85. * fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712) * SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation * minor refactor * minor refactor * migration syn with ent (#5718) --------- Co-authored-by: Prakash <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> * fix: Validate config cm cs (#5750) * validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate * checkIfConfigDataAlreadyExist --------- Co-authored-by: ayu-devtron <[email protected]> Co-authored-by: Vikram Singh <[email protected]> Co-authored-by: Gireesh Naidu <[email protected]> Co-authored-by: Shivam Nagar <[email protected]> Co-authored-by: Prakash <[email protected]> Co-authored-by: adi6859 <[email protected]> Co-authored-by: Rajeev Ranjan <[email protected]> Co-authored-by: iamayushm <[email protected]> Co-authored-by: prakhar katiyar <[email protected]> Co-authored-by: Asutosh Das <[email protected]> Co-authored-by: Vikram <[email protected]> Co-authored-by: Prakarsh <[email protected]> * doc: Update prerequisites of code-scan (#5625) * Update prerequisites of code-scan * Hyperlinked the Vulnerability scanning doc --------- Co-authored-by: ashokdevtron <[email protected]> * fix: ci patch rbac for branch update (#5759) * feat: Added basic auth support for servicemonitor (#5761) * Added support for basic auth in servicemonitor * Added support for namespace selector and custom matchLabels * Fixed indentations * fix: Bitnami chart repo tls issue (#5740) * bitnami_chart_fix * Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql * Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql --------- Co-authored-by: Pawan Mehta <[email protected]> * doc: Cosign plugin doc (#5665) * doc for cosign plugin * edits in task name * updates in intro and other fixes. * Atta…
1 parent 19ec283 commit f5387c9

File tree

1,266 files changed

+122724
-76136
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,266 files changed

+122724
-76136
lines changed

Dockerfile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ RUN apt install git gcc musl-dev make -y
66
RUN go install github.com/google/wire/cmd/wire@latest
77
WORKDIR /go/src/github.com/devtron-labs/devtron
88
ADD . /go/src/github.com/devtron-labs/devtron/
9+
ADD ./vendor/github.com/Microsoft/ /go/src/github.com/devtron-labs/devtron/vendor/github.com/microsoft/
910
RUN GOOS=linux make build-all
1011

1112
# uncomment this post build arg

DockerfileEA

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ RUN apt install git gcc musl-dev make -y
66
RUN go install github.com/google/wire/cmd/wire@latest
77
WORKDIR /go/src/github.com/devtron-labs/devtron
88
ADD . /go/src/github.com/devtron-labs/devtron/
9+
ADD ./vendor/github.com/Microsoft/ /go/src/github.com/devtron-labs/devtron/vendor/github.com/microsoft/
910
RUN GOOS=linux make build-all
1011

1112
FROM ubuntu:22.04@sha256:1b8d8ff4777f36f19bfe73ee4df61e3a0b789caeff29caa019539ec7c9a57f95 as devtron-ea

api/appStore/deployment/CommonDeploymentRestHandler.go

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -92,8 +92,7 @@ func (handler *CommonDeploymentRestHandlerImpl) getAppOfferingMode(installedAppI
9292
err = &util.ApiError{HttpStatusCode: http.StatusBadRequest, UserMessage: "invalid app id"}
9393
return appOfferingMode, installedAppDto, err
9494
}
95-
uniqueAppName := appIdentifier.GetUniqueAppNameIdentifier()
96-
installedAppDto, err = handler.installedAppService.GetInstalledAppByClusterNamespaceAndName(appIdentifier.ClusterId, appIdentifier.Namespace, uniqueAppName)
95+
installedAppDto, err = handler.installedAppService.GetInstalledAppByClusterNamespaceAndName(appIdentifier)
9796
if err != nil {
9897
err = &util.ApiError{HttpStatusCode: http.StatusBadRequest, UserMessage: "unable to find app in database"}
9998
return appOfferingMode, installedAppDto, err
@@ -171,7 +170,7 @@ func (handler *CommonDeploymentRestHandlerImpl) GetDeploymentHistory(w http.Resp
171170
}
172171
//rbac block ends here
173172

174-
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
173+
ctx, cancel := context.WithTimeout(r.Context(), 30*time.Second)
175174
defer cancel()
176175
res, err := handler.appStoreDeploymentService.GetDeploymentHistory(ctx, installedAppDto)
177176
if err != nil {

api/auth/user/UserRestHandler.go

Lines changed: 60 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,7 @@ func (handler UserRestHandlerImpl) CreateUser(w http.ResponseWriter, r *http.Req
142142
//RBAC enforcer Ends
143143
//In create req, we also check if any email exists already. If yes, then in that case we go on and merge existing roles and groups with the ones in request
144144
//but rbac is only checked on create request roles and groups as existing roles and groups are assumed to be checked when created/updated before
145-
res, err := handler.userService.CreateUser(&userInfo)
145+
res, err := handler.userService.CreateUser(&userInfo, token, handler.CheckManagerAuth)
146146
if err != nil {
147147
handler.logger.Errorw("service err, CreateUser", "err", err, "payload", userInfo)
148148
if _, ok := err.(*util.ApiError); ok {
@@ -192,7 +192,7 @@ func (handler UserRestHandlerImpl) UpdateUser(w http.ResponseWriter, r *http.Req
192192
return
193193
}
194194

195-
res, err := handler.userService.UpdateUser(&userInfo, token, handler.checkRBACForUserUpdate)
195+
res, err := handler.userService.UpdateUser(&userInfo, token, handler.checkRBACForUserUpdate, handler.CheckManagerAuth)
196196
if err != nil {
197197
handler.logger.Errorw("service err, UpdateUser", "err", err, "payload", userInfo)
198198
common.WriteJsonResp(w, err, "", http.StatusInternalServerError)
@@ -243,18 +243,9 @@ func (handler UserRestHandlerImpl) GetById(w http.ResponseWriter, r *http.Reques
243243
// RBAC enforcer applying
244244
filteredRoleFilter := make([]bean.RoleFilter, 0)
245245
if res.RoleFilters != nil && len(res.RoleFilters) > 0 {
246+
isUserSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*")
246247
for _, filter := range res.RoleFilters {
247-
authPass := true
248-
if len(filter.Team) > 0 {
249-
if ok := handler.enforcer.Enforce(token, casbin.ResourceUser, casbin.ActionGet, filter.Team); !ok {
250-
authPass = false
251-
}
252-
}
253-
if filter.Entity == bean.CLUSTER_ENTITIY {
254-
if ok := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); !ok {
255-
authPass = false
256-
}
257-
}
248+
authPass := handler.checkRbacForFilter(token, filter, isUserSuperAdmin)
258249
if authPass {
259250
filteredRoleFilter = append(filteredRoleFilter, filter)
260251
}
@@ -316,7 +307,7 @@ func (handler UserRestHandlerImpl) GetAllV2(w http.ResponseWriter, r *http.Reque
316307
break
317308
}
318309
}
319-
if filter.Entity == bean.CLUSTER_ENTITIY {
310+
if filter.Entity == bean2.CLUSTER_ENTITIY {
320311
if ok := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); ok {
321312
isAuthorised = true
322313
break
@@ -387,7 +378,7 @@ func (handler UserRestHandlerImpl) GetAll(w http.ResponseWriter, r *http.Request
387378
break
388379
}
389380
}
390-
if filter.Entity == bean.CLUSTER_ENTITIY {
381+
if filter.Entity == bean2.CLUSTER_ENTITIY {
391382
if ok := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); ok {
392383
isAuthorised = true
393384
break
@@ -464,7 +455,7 @@ func (handler UserRestHandlerImpl) DeleteUser(w http.ResponseWriter, r *http.Req
464455
}
465456
if user.RoleFilters != nil && len(user.RoleFilters) > 0 {
466457
for _, filter := range user.RoleFilters {
467-
if filter.AccessType == bean.APP_ACCESS_TYPE_HELM && !isActionUserSuperAdmin {
458+
if filter.AccessType == bean2.APP_ACCESS_TYPE_HELM && !isActionUserSuperAdmin {
468459
common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
469460
return
470461
}
@@ -474,7 +465,7 @@ func (handler UserRestHandlerImpl) DeleteUser(w http.ResponseWriter, r *http.Req
474465
return
475466
}
476467
}
477-
if filter.Entity == bean.CLUSTER_ENTITIY {
468+
if filter.Entity == bean2.CLUSTER_ENTITIY {
478469
if ok := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); !ok {
479470
common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
480471
return
@@ -578,18 +569,9 @@ func (handler UserRestHandlerImpl) FetchRoleGroupById(w http.ResponseWriter, r *
578569
token := r.Header.Get("token")
579570
filteredRoleFilter := make([]bean.RoleFilter, 0)
580571
if res.RoleFilters != nil && len(res.RoleFilters) > 0 {
572+
isUserSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*")
581573
for _, filter := range res.RoleFilters {
582-
authPass := true
583-
if len(filter.Team) > 0 {
584-
if ok := handler.enforcer.Enforce(token, casbin.ResourceUser, casbin.ActionGet, filter.Team); !ok {
585-
authPass = false
586-
}
587-
}
588-
if filter.Entity == bean.CLUSTER_ENTITIY {
589-
if isValidAuth := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); !isValidAuth {
590-
authPass = false
591-
}
592-
}
574+
authPass := handler.checkRbacForFilter(token, filter, isUserSuperAdmin)
593575
if authPass {
594576
filteredRoleFilter = append(filteredRoleFilter, filter)
595577
}
@@ -610,6 +592,35 @@ func (handler UserRestHandlerImpl) FetchRoleGroupById(w http.ResponseWriter, r *
610592
common.WriteJsonResp(w, err, res, http.StatusOK)
611593
}
612594

595+
func (handler UserRestHandlerImpl) checkRbacForFilter(token string, filter bean.RoleFilter, isUserSuperAdmin bool) bool {
596+
isAuthorised := true
597+
switch {
598+
case isUserSuperAdmin:
599+
isAuthorised = true
600+
case filter.AccessType == bean2.APP_ACCESS_TYPE_HELM || filter.Entity == bean2.EntityJobs:
601+
if ok := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*"); !ok {
602+
isAuthorised = false
603+
}
604+
605+
case len(filter.Team) > 0:
606+
// this is case of devtron app
607+
if ok := handler.enforcer.Enforce(token, casbin.ResourceUser, casbin.ActionGet, filter.Team); !ok {
608+
isAuthorised = false
609+
}
610+
611+
case filter.Entity == bean.CLUSTER_ENTITIY:
612+
isValidAuth := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth)
613+
if !isValidAuth {
614+
isAuthorised = false
615+
}
616+
case filter.Entity == bean.CHART_GROUP_ENTITY:
617+
isAuthorised = true
618+
default:
619+
isAuthorised = false
620+
}
621+
return isAuthorised
622+
}
623+
613624
func (handler UserRestHandlerImpl) CreateRoleGroup(w http.ResponseWriter, r *http.Request) {
614625
decoder := json.NewDecoder(r.Body)
615626
userId, err := handler.userService.GetLoggedInUser(r)
@@ -698,7 +709,7 @@ func (handler UserRestHandlerImpl) UpdateRoleGroup(w http.ResponseWriter, r *htt
698709
return
699710
}
700711

701-
res, err := handler.roleGroupService.UpdateRoleGroup(&request, token, handler.checkRBACForRoleGroupUpdate)
712+
res, err := handler.roleGroupService.UpdateRoleGroup(&request, token, handler.checkRBACForRoleGroupUpdate, handler.CheckManagerAuth)
702713
if err != nil {
703714
handler.logger.Errorw("service err, UpdateRoleGroup", "err", err, "payload", request)
704715
common.WriteJsonResp(w, err, "", http.StatusInternalServerError)
@@ -749,7 +760,7 @@ func (handler UserRestHandlerImpl) FetchRoleGroupsV2(w http.ResponseWriter, r *h
749760
break
750761
}
751762
}
752-
if filter.Entity == bean.CLUSTER_ENTITIY {
763+
if filter.Entity == bean2.CLUSTER_ENTITIY {
753764
if isValidAuth := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); isValidAuth {
754765
isAuthorised = true
755766
break
@@ -820,7 +831,7 @@ func (handler UserRestHandlerImpl) FetchRoleGroups(w http.ResponseWriter, r *htt
820831
break
821832
}
822833
}
823-
if filter.Entity == bean.CLUSTER_ENTITIY {
834+
if filter.Entity == bean2.CLUSTER_ENTITIY {
824835
if isValidAuth := handler.userCommonService.CheckRbacForClusterEntity(filter.Cluster, filter.Namespace, filter.Group, filter.Kind, filter.Resource, token, handler.CheckManagerAuth); isValidAuth {
825836
isAuthorised = true
826837
break
@@ -908,7 +919,7 @@ func (handler UserRestHandlerImpl) DeleteRoleGroup(w http.ResponseWriter, r *htt
908919
return
909920
}
910921
token := r.Header.Get("token")
911-
isAuthorised, err := handler.checkRBACForRoleGroupDelete(token, userGroup.RoleFilters)
922+
isAuthorised, err := handler.checkRBACForRoleGroupDelete(token, userGroup)
912923
if err != nil {
913924
common.WriteJsonResp(w, err, "", http.StatusInternalServerError)
914925
return
@@ -1038,7 +1049,7 @@ func (handler UserRestHandlerImpl) SyncOrchestratorToCasbin(w http.ResponseWrite
10381049
common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
10391050
return
10401051
}
1041-
userEmailId, err := handler.userService.GetEmailById(userId)
1052+
userEmailId, err := handler.userService.GetActiveEmailById(userId)
10421053
if err != nil {
10431054
handler.logger.Errorw("service err, SyncOrchestratorToCasbin", "err", err, "userId", userId)
10441055
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
@@ -1138,7 +1149,7 @@ func (handler UserRestHandlerImpl) checkRBACForUserCreate(token string, requestS
11381149
isAuthorised = false
11391150
}
11401151
if !isAuthorised {
1141-
break
1152+
return false, nil
11421153
}
11431154
}
11441155
}
@@ -1167,7 +1178,7 @@ func (handler UserRestHandlerImpl) checkRBACForUserCreate(token string, requestS
11671178
isAuthorised = false
11681179
}
11691180
if !isAuthorised {
1170-
break
1181+
return false, nil
11711182
}
11721183
}
11731184
} else {
@@ -1206,7 +1217,7 @@ func (handler UserRestHandlerImpl) checkRBACForUserUpdate(token string, userInfo
12061217
isAuthorised = false
12071218
}
12081219
if !isAuthorised {
1209-
break
1220+
return false, nil
12101221
}
12111222
}
12121223
}
@@ -1225,7 +1236,7 @@ func (handler UserRestHandlerImpl) checkRBACForUserUpdate(token string, userInfo
12251236
isAuthorised = false
12261237
}
12271238
if !isAuthorised {
1228-
break
1239+
return false, nil
12291240
}
12301241
}
12311242
}
@@ -1252,7 +1263,7 @@ func (handler UserRestHandlerImpl) checkRBACForUserUpdate(token string, userInfo
12521263
isAuthorised = false
12531264
}
12541265
if !isAuthorised {
1255-
break
1266+
return false, nil
12561267
}
12571268
}
12581269
} else {
@@ -1263,11 +1274,10 @@ func (handler UserRestHandlerImpl) checkRBACForUserUpdate(token string, userInfo
12631274
return isAuthorised, nil
12641275
}
12651276

1266-
func (handler UserRestHandlerImpl) checkRBACForRoleGroupUpdate(token string, groupInfo *bean.RoleGroup,
1267-
eliminatedRoleFilters []*repository.RoleModel) (isAuthorised bool, err error) {
1277+
func (handler UserRestHandlerImpl) checkRBACForRoleGroupUpdate(token string, groupInfo *bean.RoleGroup, eliminatedRoleFilters []*repository.RoleModel, isRoleGroupAlreadySuperAdmin bool) (isAuthorised bool, err error) {
12681278
isActionUserSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*")
12691279
requestSuperAdmin := groupInfo.SuperAdmin
1270-
if requestSuperAdmin && !isActionUserSuperAdmin {
1280+
if (requestSuperAdmin || isRoleGroupAlreadySuperAdmin) && !isActionUserSuperAdmin {
12711281
//if user is going to be provided with super-admin access or already a super-admin then the action user should be a super-admin
12721282
return false, nil
12731283
}
@@ -1290,7 +1300,7 @@ func (handler UserRestHandlerImpl) checkRBACForRoleGroupUpdate(token string, gro
12901300
isAuthorised = false
12911301
}
12921302
if !isAuthorised {
1293-
break
1303+
return false, nil
12941304
}
12951305
}
12961306
}
@@ -1309,20 +1319,23 @@ func (handler UserRestHandlerImpl) checkRBACForRoleGroupUpdate(token string, gro
13091319
isAuthorised = false
13101320
}
13111321
if !isAuthorised {
1312-
break
1322+
return false, nil
13131323
}
13141324
}
13151325
}
13161326
}
13171327
return isAuthorised, nil
13181328
}
13191329

1320-
func (handler UserRestHandlerImpl) checkRBACForRoleGroupDelete(token string, groupRoles []bean.RoleFilter) (isAuthorised bool, err error) {
1330+
func (handler UserRestHandlerImpl) checkRBACForRoleGroupDelete(token string, userGroup *bean.RoleGroup) (isAuthorised bool, err error) {
13211331
isActionUserSuperAdmin := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionGet, "*")
1332+
if userGroup.SuperAdmin && !isActionUserSuperAdmin {
1333+
return false, nil
1334+
}
13221335
isAuthorised = isActionUserSuperAdmin
13231336
if !isAuthorised {
1324-
if groupRoles != nil && len(groupRoles) > 0 { //auth check inside roleFilters
1325-
for _, filter := range groupRoles {
1337+
if userGroup.RoleFilters != nil && len(userGroup.RoleFilters) > 0 { //auth check inside roleFilters
1338+
for _, filter := range userGroup.RoleFilters {
13261339
switch {
13271340
case filter.Action == bean.ACTION_SUPERADMIN:
13281341
isAuthorised = isActionUserSuperAdmin
@@ -1338,7 +1351,7 @@ func (handler UserRestHandlerImpl) checkRBACForRoleGroupDelete(token string, gro
13381351
isAuthorised = false
13391352
}
13401353
if !isAuthorised {
1341-
break
1354+
return false, nil
13421355
}
13431356
}
13441357
}

api/helm-app/HelmAppRestHandler.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -159,7 +159,7 @@ func (handler *HelmAppRestHandlerImpl) GetApplicationDetail(w http.ResponseWrite
159159
return
160160
}
161161

162-
installedApp, err := handler.installedAppService.GetInstalledAppByClusterNamespaceAndName(appIdentifier.ClusterId, appIdentifier.Namespace, appIdentifier.ReleaseName)
162+
installedApp, err := handler.installedAppService.GetInstalledAppByClusterNamespaceAndName(appIdentifier)
163163
if err != nil {
164164
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
165165
return

0 commit comments

Comments
 (0)