Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add reference data for secrets store connectors #8396

Merged
merged 3 commits into from
Sep 25, 2024
Merged

Add reference data for secrets store connectors #8396

merged 3 commits into from
Sep 25, 2024

Conversation

mandy-chessell
Copy link
Contributor

Description

This PR adds the reference data and frameworks for software servers to use the secrets stores

Related Issue(s)

None

Testing

Simple UT

Release Notes & Documentation

Not yet - next PR

Additional notes

None

@mandy-chessell
Add reference data for secrets store connectors
84f6efb 
Signed-off-by: Mandy Chessell <mandy.e.chessell@gmail.com>
@mandy-chessell
Add latest content packs
b402bc2 
Signed-off-by: Mandy Chessell <mandy.e.chessell@gmail.com>
@mandy-chessell mandy-chessell merged commit e2dcac8 into odpi:main Sep 25, 2024
4 checks passed
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 25, 2024
View reviewed changes
...src/main/java/org/odpi/openmetadata/adapters/connectors/restclients/RESTClientConnector.java
*
* @return id, name, description, wiki page URL.
*/
public ComponentDescription getConnectorComponentDescription()

Check notice

Code scanning / CodeQL

Missing Override annotation Note

This method overrides
AuditLoggingComponent.getConnectorComponentDescription
Loading
; it is advisable to add an Override annotation.
...in/java/org/odpi/openmetadata/adapters/connectors/restclients/factory/RESTClientFactory.java
*
* @return Connection bean
*/
protected Connection getConnectionBean()

Check notice

Code scanning / CodeQL

Missing Override annotation Note

This method overrides
ConnectionProperties.getConnectionBean
Loading
; it is advisable to add an Override annotation.
.../org/odpi/openmetadata/adapters/connectors/restclients/spring/SpringRESTClientConnector.java
if ((userId != null) && (password != null))
if ((secretsStoreConnectorMap != null) && (! secretsStoreConnectorMap.isEmpty()))
{
log.debug("Using secrets connector to call server {} on platform {} .", this.serverName, this.serverPlatformURLRoot);

Check failure

Code scanning / CodeQL

Log Injection High

This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
.../org/odpi/openmetadata/adapters/connectors/restclients/spring/SpringRESTClientConnector.java
if ((userId != null) && (password != null))
if ((secretsStoreConnectorMap != null) && (! secretsStoreConnectorMap.isEmpty()))
{
log.debug("Using secrets connector to call server {} on platform {} .", this.serverName, this.serverPlatformURLRoot);

Check failure

Code scanning / CodeQL

Insertion of sensitive information into log files High

This
potentially sensitive information
Loading
is written to a log file.
This
potentially sensitive information
Loading
is written to a log file.
.../org/odpi/openmetadata/adapters/connectors/restclients/spring/SpringRESTClientConnector.java
if ((userId != null) && (password != null))
if ((secretsStoreConnectorMap != null) && (! secretsStoreConnectorMap.isEmpty()))
{
log.debug("Using secrets connector to call server {} on platform {} .", this.serverName, this.serverPlatformURLRoot);

Check failure

Code scanning / CodeQL

Log Injection High

This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a
user-provided value
Loading
.
This log entry depends on a [user-p
.../org/odpi/openmetadata/adapters/connectors/restclients/spring/SpringRESTClientConnector.java

basicAuthorizationHeader = this.createHeaders(userId, password);
authorizationHeader = this.createAuthorizationHeaders(userId, password);

Check failure

Code scanning / CodeQL

User-controlled bypass of sensitive method High

Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a
this condition
Loading
, which flows from
user-controlled value
Loading
.
Sensitive method may not be executed depending on a [this condit
...ector-framework/src/main/java/org/odpi/openmetadata/frameworks/connectors/ConnectorBase.java

if (integerOption != null)
{
return Long.parseLong(integerOption.toString());

Check notice

Code scanning / CodeQL

Missing catch of NumberFormatException Note

Potential uncaught 'java.lang.NumberFormatException'.
...amework/src/main/java/org/odpi/openmetadata/frameworks/connectors/SecretsStoreConnector.java
*
* @return id, name, description, wiki page URL.
*/
public ComponentDescription getConnectorComponentDescription()

Check notice

Code scanning / CodeQL

Missing Override annotation Note

This method overrides
AuditLoggingComponent.getConnectorComponentDescription
Loading
; it is advisable to add an Override annotation.
...org/odpi/openmetadata/archiveutilities/openconnectors/base/ContentPackBaseArchiveWriter.java
@@ -446,6 +451,8 @@
String connectorTypeGUID,
String networkAddress,
Map<String, Object> configurationProperties,
String secretsStorePurpose,

Check notice

Code scanning / CodeQL

Useless parameter Note

The parameter 'secretsStorePurpose' is never used.
...org/odpi/openmetadata/archiveutilities/openconnectors/base/ContentPackBaseArchiveWriter.java
@@ -446,6 +451,8 @@
String connectorTypeGUID,
String networkAddress,
Map<String, Object> configurationProperties,
String secretsStorePurpose,
ConnectorProvider secretsStoreProvider,

Check notice

Code scanning / CodeQL

Useless parameter Note

The parameter 'secretsStoreProvider' is never used.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cmgrote cmgrote Awaiting requested review from cmgrote cmgrote is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mandy-chessell