Skip to content

Commit

Permalink
chore: Main sync (#5862)
Browse files Browse the repository at this point in the history
* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>
Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <167413063+ayu-devtron@users.noreply.github.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>
Co-authored-by: Gireesh Naidu <111440205+gireesh-naidu@users.noreply.github.com>
Co-authored-by: Shivam Nagar <124123645+Shivam-nagar23@users.noreply.github.com>
Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: iamayushm <32041961+iamayushm@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>
Co-authored-by: Asutosh Das <asutosh2000ad@gmail.com>
Co-authored-by: Vikram <73224103+vikramdevtron@users.noreply.github.com>
Co-authored-by: Prakarsh <71125043+prakarsh-dt@users.noreply.github.com>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <117346502+pawan-mehta-dt@users.noreply.github.com>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* Revert "feat: plugin creation support (#5630)" (#5778)

This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65.

* fix: unimplemented cluster cron service (#5781)

* fix: sql injection fixes (#5783)

* sql injection fixes

* query param init fix

* doc: Vulnerability Scanning Plugin doc (#5722)

* vulnerability scanning plugin doc

* summary.md added

* docs: Jira plugins doc (Validator + Updater) (#5709)

* Docs of Jira Plugins - Validator and Updater

* Added Index Links

* Additional Proofreading

* add basic auth and tls for sm (#5789)

* docs: added commands enable ingress during  helm installation (#5794)

* added commands emable ingress during  helm installation

* modified commands

* improved statement

* removed unrequired lines

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>

* Revamped + Restructured Ingress Setup Doc (#5798)

* modifying route (#5799)

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>

* fix: cron status update refactoring (#5790)

Co-authored-by: Nishant <58689354+nishant-d@users.noreply.github.com>

* docs: modified the anchorlink in ingress.md (#5800)

* modifying route

* modified the anchorlink

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>

* query param split (#5801)

* fix: upgraded to /argo-cd/v2 v2.9.21 (#5758)

* upgraded to /argo-cd/v2 v2.9.21

* argocd vendor files added

* sync with common-lib

* fix: Ea rbac fixes (#5813)

* app found using display or app name

* single query optimization

* display name handling for new apps

---------

Co-authored-by: kartik-579 <kartik@devtron.ai>

* fix: scan list in global security page sql injection fix (#5808)

* scan list in global security page sql injection fix

* comment

* fix: app details page(#5823)

* misc: sync with common-lib changes with release candidate 18 (#5830)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* chore: sql scripts sync (#5763)

* fix: Scan tool migration fix develop (#5773)

* scan tool active check removed

* query fix

* chore: Oss sync 2 sept 2024 oss (#5779)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>
Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <167413063+ayu-devtron@users.noreply.github.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>
Co-authored-by: Gireesh Naidu <111440205+gireesh-naidu@users.noreply.github.com>
Co-authored-by: Shivam Nagar <124123645+Shivam-nagar23@users.noreply.github.com>
Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: iamayushm <32041961+iamayushm@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>
Co-authored-by: Asutosh Das <asutosh2000ad@gmail.com>
Co-authored-by: Vikram <73224103+vikramdevtron@users.noreply.github.com>
Co-authored-by: Prakarsh <71125043+prakarsh-dt@users.noreply.github.com>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <117346502+pawan-mehta-dt@users.noreply.github.com>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* Revert "feat: plugin creation support (#5630)" (#5778)

This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65.

* script no. fix

---------

Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>
Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>
Co-authored-by: Badal Kumar <130441461+badal773@users.noreply.github.com>
Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>
Co-authored-by: kripanshdevtron <107392309+kripanshdevtron@users.noreply.github.com>
Co-authored-by: kartik-579 <84493919+kartik-579@users.noreply.github.com>
Co-authored-by: ayu-devtron <167413063+ayu-devtron@users.noreply.github.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>
Co-authored-by: Gireesh Naidu <111440205+gireesh-naidu@users.noreply.github.com>
Co-authored-by: Shivam Nagar <124123645+Shivam-nagar23@users.noreply.github.com>
Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: iamayushm <32041961+iamayushm@users.noreply.github.com>
Co-authored-by: Asutosh Das <asutosh2000ad@gmail.com>
Co-authored-by: Vikram <73224103+vikramdevtron@users.noreply.github.com>
Co-authored-by: Prakarsh <71125043+prakarsh-dt@users.noreply.github.com>
Co-authored-by: Bhushan Nemade <bhushan.nemade@devtron.ai>
Co-authored-by: Pawan Mehta <117346502+pawan-mehta-dt@users.noreply.github.com>
Co-authored-by: akshatsinha007 <156403098+akshatsinha007@users.noreply.github.com>

* chore: plugin creation oss (#5780)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <badalkumar@Badals-MacBook-Pro.local>
Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <167413063+ayu-devtron@users.noreply.github.com>
Co-authored-by: Vikram Singh <vikram@devtron.ai>
Co-authored-by: Gireesh Naidu <111440205+gireesh-naidu@users.noreply.github.com>
Co-authored-by: Shivam Nagar <124123645+Shivam-nagar23@users.noreply.github.com>
Co-authored-by: Prakash <prakash.kumar@devtron.ai>
Co-authored-by: adi6859 <aditya.ar1909@gmail.com>
Co-authored-by: Rajeev Ranjan <90333766+RajeevRanjan27@users.noreply.github.com>
Co-authored-by: iamayushm <32041961+iamayushm@users.noreply.github.com>
Co-authored-by: prakhar katiyar <39842461+prkhrkat@users.noreply.github.com>
Co-authored-by: Asutosh Das <asutosh2000ad@gmail.com>
Co-authored-by: Vikram <73224103+vikramdevtron@users.noreply.github.com>
Co-authored-by: Prakarsh <71125043+prakarsh-dt@users.noreply.github.com>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <117346502+pawan-mehta-dt@users.noreply.github.com>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <141001279+ashokdevtron@users.noreply.github.com>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

*…
  • Loading branch information
23 people committed Sep 18, 2024
1 parent 1265542 commit 3fa1069
Show file tree
Hide file tree
Showing 10 changed files with 465 additions and 426 deletions.
432 changes: 280 additions & 152 deletions api/auth/user/UserRestHandler.go

Large diffs are not rendered by default.

12 changes: 8 additions & 4 deletions api/bean/UserRequest.go
Original file line number Diff line number Diff line change
Expand Up @@ -111,10 +111,14 @@ const (
type PolicyType int

const (
POLICY_DIRECT PolicyType = 1
POLICY_GROUP PolicyType = 1
SUPERADMIN = "role:super-admin___"
USER_TYPE_API_TOKEN = "apiToken"
POLICY_DIRECT PolicyType = 1
POLICY_GROUP PolicyType = 1
SUPERADMIN = "role:super-admin___"
APP_ACCESS_TYPE_HELM = "helm-app"
USER_TYPE_API_TOKEN = "apiToken"
CHART_GROUP_ENTITY = "chart-group"
CLUSTER_ENTITIY = "cluster"
ACTION_SUPERADMIN = "super-admin"
)

type UserListingResponse struct {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2023,13 +2023,13 @@ func (handler *PipelineConfigRestHandlerImpl) GetCdPipelineById(w http.ResponseW
return
}

ciConf, err := handler.pipelineBuilder.GetCdPipelineById(pipelineId)
cdPipeline, err := handler.pipelineBuilder.GetCdPipelineById(pipelineId)
if err != nil {
handler.Logger.Errorw("service err, GetCdPipelineById", "err", err, "appId", appId, "pipelineId", pipelineId)
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
return
}
cdResp, err := pipeline.CreatePreAndPostStageResponse(ciConf, version)
cdResp, err := pipeline.CreatePreAndPostStageResponse(cdPipeline, version)
if err != nil {
handler.Logger.Errorw("service err, CheckForVersionAndCreatePreAndPostStagePayload", "err", err, "appId", appId, "pipelineId", pipelineId)
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
Expand Down
2 changes: 1 addition & 1 deletion pkg/apiToken/ApiTokenService.go
Original file line number Diff line number Diff line change
Expand Up @@ -205,7 +205,7 @@ func (impl ApiTokenServiceImpl) CreateApiToken(request *openapi.CreateApiTokenRe
EmailId: email,
UserType: bean.USER_TYPE_API_TOKEN,
}
createUserResponse, _, err := impl.userService.CreateUser(&createUserRequest, token, managerAuth)
createUserResponse, err := impl.userService.CreateUser(&createUserRequest)
if err != nil {
impl.logger.Errorw("error while creating user for api-token", "email", email, "error", err)
return nil, err
Expand Down
59 changes: 33 additions & 26 deletions pkg/auth/user/RoleGroupService.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ import (
"errors"
"fmt"
"github.com/devtron-labs/devtron/pkg/auth/user/repository/helper"
"net/http"
"strings"
"time"

Expand All @@ -37,7 +38,8 @@ import (

type RoleGroupService interface {
CreateRoleGroup(request *bean.RoleGroup) (*bean.RoleGroup, error)
UpdateRoleGroup(request *bean.RoleGroup, token string, managerAuth func(resource, token string, object string) bool) (*bean.RoleGroup, error)
UpdateRoleGroup(request *bean.RoleGroup, token string, checkRBACForGroupUpdate func(token string, groupInfo *bean.RoleGroup,
eliminatedRoleFilters []*repository.RoleModel) (isAuthorised bool, err error)) (*bean.RoleGroup, error)
FetchDetailedRoleGroups(req *bean.ListingRequest) ([]*bean.RoleGroup, error)
FetchRoleGroupsById(id int32) (*bean.RoleGroup, error)
FetchRoleGroups() ([]*bean.RoleGroup, error)
Expand Down Expand Up @@ -136,21 +138,21 @@ func (impl RoleGroupServiceImpl) CreateRoleGroup(request *bean.RoleGroup) (*bean
for index, roleFilter := range request.RoleFilters {
entity := roleFilter.Entity
if entity == bean2.CLUSTER_ENTITIY {
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, model, nil, "", nil, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, model, nil, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
impl.logger.Errorw("error in creating updating role group for cluster entity", "err", err, "roleFilter", roleFilter)
}
} else if entity == bean2.EntityJobs {
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, model, nil, "", nil, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, model, nil, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
impl.logger.Errorw("error in creating updating role group for jobs entity", "err", err, "roleFilter", roleFilter)
}
} else {
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, model, nil, "", nil, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, model, nil, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
Expand Down Expand Up @@ -199,7 +201,7 @@ func (impl RoleGroupServiceImpl) CreateRoleGroup(request *bean.RoleGroup) (*bean
return request, nil
}

func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
//var policiesToBeAdded []casbin2.Policy
namespaces := strings.Split(roleFilter.Namespace, ",")
groups := strings.Split(roleFilter.Group, ",")
Expand All @@ -213,12 +215,6 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFil
for _, group := range groups {
for _, kind := range kinds {
for _, resource := range resources {
if managerAuth != nil {
isValidAuth := impl.userCommonService.CheckRbacForClusterEntity(roleFilter.Cluster, namespace, group, kind, resource, token, managerAuth)
if !isValidAuth {
continue
}
}
roleModel, err := impl.userAuthRepository.GetRoleByFilterForAllTypes(entity, "", "", "", "", accessType, roleFilter.Cluster, namespace, group, kind, resource, actionType, false, "")
if err != nil {
impl.logger.Errorw("error in getting new role model by filter")
Expand Down Expand Up @@ -263,7 +259,7 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFil
return policiesToBeAdded, nil
}

func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilter bean.RoleFilter, request *bean.RoleGroup, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilter bean.RoleFilter, request *bean.RoleGroup, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
actionType := roleFilter.Action
accessType := roleFilter.AccessType
entity := roleFilter.Entity
Expand Down Expand Up @@ -319,7 +315,7 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilte
return policiesToBeAdded, nil
}

func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
actionType := roleFilter.Action
accessType := roleFilter.AccessType
entity := roleFilter.Entity
Expand Down Expand Up @@ -372,7 +368,8 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter
return policiesToBeAdded, nil
}

func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token string, managerAuth func(resource, token string, object string) bool) (*bean.RoleGroup, error) {
func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token string, checkRBACForGroupUpdate func(token string, groupInfo *bean.RoleGroup,
eliminatedRoleFilters []*repository.RoleModel) (isAuthorised bool, err error)) (*bean.RoleGroup, error) {
dbConnection := impl.roleGroupRepository.GetConnection()
tx, err := dbConnection.Begin()
if err != nil {
Expand Down Expand Up @@ -404,6 +401,8 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
var eliminatedPolicies []casbin2.Policy
capacity, mapping := impl.userCommonService.GetCapacityForRoleFilter(request.RoleFilters)
var policies = make([]casbin2.Policy, 0, capacity)
var eliminatedRoleModels []*repository.RoleModel
var items []casbin2.Policy
if request.SuperAdmin == false {
roleGroupMappingModels, err := impl.roleGroupRepository.GetRoleGroupRoleMappingByRoleGroupId(roleGroup.Id)
if err != nil {
Expand All @@ -417,7 +416,7 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token

// DELETE PROCESS STARTS

items, err := impl.userCommonService.RemoveRolesAndReturnEliminatedPoliciesForGroups(request, existingRoles, eliminatedRoles, tx, token, managerAuth)
items, eliminatedRoleModels, err = impl.userCommonService.RemoveRolesAndReturnEliminatedPoliciesForGroups(request, existingRoles, eliminatedRoles, tx)
if err != nil {
return nil, err
}
Expand All @@ -427,32 +426,24 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
//Adding New Policies
for index, roleFilter := range request.RoleFilters {
if roleFilter.Entity == bean2.CLUSTER_ENTITIY {
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, roleGroup, existingRoles, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
impl.logger.Errorw("error in creating updating role group for cluster entity", "err", err, "roleFilter", roleFilter)
}
} else {
if len(roleFilter.Team) > 0 {
// check auth only for apps permission, skip for chart group
rbacObject := fmt.Sprintf("%s", roleFilter.Team)
isValidAuth := managerAuth(casbin2.ResourceUser, token, rbacObject)
if !isValidAuth {
continue
}
}
switch roleFilter.Entity {
case bean2.EntityJobs:
{
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, roleGroup, existingRoles, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
impl.logger.Errorw("error in creating updating role group for jobs entity", "err", err, "roleFilter", roleFilter)
}
}
default:
{
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, roleGroup, existingRoles, tx, mapping[index])
policies = append(policies, policiesToBeAdded...)
if err != nil {
impl.logger.Errorw("error in creating updating role group for other entity", "err", err, "roleFilter", roleFilter)
Expand Down Expand Up @@ -483,6 +474,22 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
policies = append(policies, casbin2.Policy{Type: "g", Sub: casbin2.Subject(roleGroup.CasbinName), Obj: casbin2.Object(roleModel.Role)})
}
}

if checkRBACForGroupUpdate != nil {
isAuthorised, err := checkRBACForGroupUpdate(token, request, eliminatedRoleModels)
if err != nil {
impl.logger.Errorw("error in checking RBAC for role group update", "err", err, "request", request)
return nil, err
} else if !isAuthorised {
impl.logger.Errorw("rbac check failed for role group update", "request", request)
return nil, &util.ApiError{
Code: "403",
HttpStatusCode: http.StatusForbidden,
UserMessage: "unauthorized",
}
}
}

//deleting policies from casbin
impl.logger.Debugw("eliminated policies", "eliminatedPolicies", eliminatedPolicies)
if len(eliminatedPolicies) > 0 {
Expand Down
Loading

0 comments on commit 3fa1069

Please sign in to comment.