Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(jans-linux-setup): download from tags #10391

Merged
merged 1 commit into from
Dec 11, 2024
Merged

fix(jans-linux-setup): download from tags #10391

merged 1 commit into from
Dec 11, 2024

Conversation

devrimyatar
Copy link
Contributor

Closes #10386

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@devrimyatar
fix(jans-linux-setup): download from tags
212e3ec 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar added kind-bug Issue or PR is a bug in existing functionality comp-jans-linux-setup Component affected by issue or PR labels Dec 11, 2024
@devrimyatar devrimyatar requested a review from moabu December 11, 2024 14:22
@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The pull request enhances the Janssen Server installation script's download functionality by improving error handling, adding a fallback download mechanism, and implementing a GitHub access token requirement for the "openbanking" profile, ultimately improving the script's robustness and security.

Expand for full summary

Summary:

The code changes in this pull request focus on improving the download functionality of the Janssen Server installation script. The key changes include better error handling when the initial download from the main branch URL fails, a fallback option to try downloading from the tags URL, and the requirement of a GitHub access token for downloading the "openbanking" profile. These changes enhance the overall robustness and reliability of the installation process, which can be beneficial for the security of the deployed Janssen Server.

While the changes themselves do not raise any immediate security concerns, it's important to note that the installation script as a whole deals with sensitive tasks, such as downloading, extracting, and installing the Janssen Server components. Ensuring the overall security of the installation process, including verifying the integrity and authenticity of the downloaded files, is crucial to maintain the security of the deployed Janssen Server.

Files Changed:

  • jans-linux-setup/jans_setup/install.py: This file contains the code for the Janssen Server installation script. The changes in this pull request focus on improving the download functionality of the script, including:
    1. Better error handling when the initial download from the main branch URL fails, providing more informative feedback to the user.
    2. A fallback option to try downloading the Janssen archive from the tags URL if the initial download fails.
    3. Requiring a GitHub access token for downloading the "openbanking" profile, which is a security-conscious approach.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yuriyz yuriyz enabled auto-merge (squash) December 11, 2024 14:49
@yuriyz yuriyz merged commit c6d95a1 into main Dec 11, 2024
13 checks passed
@yuriyz yuriyz deleted the jans-linux-setup-download-from-tags branch December 11, 2024 14:49
@mo-auto mo-auto mentioned this pull request Dec 23, 2024
Merged
ossdhaval pushed a commit that referenced this pull request Dec 27, 2024
@devrimyatar
fix(jans-linux-setup): download from tags (#10391)
655ae72 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@yuriyzz yuriyzz yuriyzz approved these changes

@moabu moabu Awaiting requested review from moabu

@yurem yurem Awaiting requested review from yurem yurem is a code owner

Assignees
No one assigned
Labels
comp-jans-linux-setup Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix(jans-linux-setup): issue when passing nightly tag to run setup from
3 participants
@devrimyatar @yuriyz @yuriyzz