fix: sync with common-lib changes (#5820)
* migration number changes (#5692)

* refrain from checking autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* error log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration sync with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql script update

* sql script number change

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checking autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* error log fix

* script number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checking autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration sync with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fc.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checking autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* error log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration sync with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checking autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* error log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration sync with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: Prakash <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <[email protected]>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron CD Trigger Plugin doc (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive metrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* Revert "feat: plugin creation support (#5630)" (#5778)

This reverts commit 4296366.

* fix: unimplemented cluster cron service (#5781)

* fix: sql injection fixes (#5783)

* sql injection fixes

* query param init fix

* doc: Vulnerability Scanning Plugin doc (#5722)

* vulnerability scanning plugin doc

* summary.md added

* docs: Jira plugins doc (Validator + Updater) (#5709)

* Docs of Jira Plugins - Validator and Updater

* Added Index Links

* Additional Proofreading

* add basic auth and tls for sm (#5789)

* docs: added commands enable ingress during helm installation (#5794)

* added commands enable ingress during helm installation

* modified commands

* improved statement

* removed unrequired lines

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>

* Revamped + Restructured Ingress Setup Doc (#5798)

* modifying route (#5799)

Co-authored-by: Badal Kumar Prusty <[email protected]>

* fix: cron status update refactoring (#5790)

Co-authored-by: Nishant <[email protected]>

* docs: modified the anchorlink in ingress.md (#5800)

* modifying route

* modified the anchorlink

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>

* query param split (#5801)

* fix: upgraded to /argo-cd/v2 v2.9.21 (#5758)

* upgraded to /argo-cd/v2 v2.9.21

* argocd vendor files added

* sync with common-lib

* fix: Ea rbac fixes (#5813)

* app found using display or app name

* single query optimization

* display name handling for new apps

---------

Co-authored-by: kartik-579 <[email protected]>

* fix: scan list in global security page sql injection fix (#5808)

* scan list in global security page sql injection fix

* comment

* fix: sync with common-lib changes
This PR was created by multi-gitter to sync common-lib changes across multiple repositories.

* sync with common-lib

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>
Co-authored-by: Badal Kumar <[email protected]>
Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: kripanshdevtron <[email protected]>
Co-authored-by: kartik-579 <[email protected]>
Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>
Co-authored-by: Bhushan Nemade <[email protected]>
Co-authored-by: Pawan Mehta <[email protected]>
Co-authored-by: akshatsinha007 <[email protected]>
Co-authored-by: Nishant <[email protected]>
Co-authored-by: kartik-579 <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
1 parent 5727221 commit 3ad88d5
Showing 63 changed files with 11,962 additions and 6,205 deletions.
9 changes: 5 additions & 4 deletions go.mod
Expand Up @@ -7,10 +7,10 @@ toolchain go1.21.8
require (
github.com/Masterminds/semver v1.5.0
github.com/Pallinder/go-randomdata v1.2.0
github.com/argoproj/argo-cd/v2 v2.8.19
github.com/argoproj/argo-cd/v2 v2.9.21
github.com/argoproj/argo-workflows/v3 v3.5.10
github.com/argoproj/gitops-engine v0.7.1-0.20231013183858-f15cf615b814
github.com/aws/aws-sdk-go v1.44.290
github.com/argoproj/gitops-engine v0.7.1-0.20240715141028-c68bce0f979c
github.com/aws/aws-sdk-go v1.44.317
github.com/caarlos0/env v3.5.0+incompatible
github.com/caarlos0/env/v6 v6.7.2
github.com/casbin/casbin v1.9.1
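Review bot: the argo-cd change at the top of this require block crosses a minor release (v2.8.19 to v2.9.21) and moves gitops-engine and aws-sdk-go along with it, yet the commit subject only says "sync with common-lib changes". Name the argo-cd upgrade (#5758 in the message body) in the subject or changelog so the dependency change can be found from history, and confirm the vendored copies match these three versions.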
Expand All @@ -21,7 +21,7 @@ require (
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
github.com/deckarep/golang-set v1.8.0
github.com/devtron-labs/authenticator v0.4.35-0.20240809073103-6e11da8083f8
github.com/devtron-labs/common-lib v0.16.1-0.20240904131140-b4128b676f6c
github.com/devtron-labs/common-lib v0.16.1-0.20240909135009-9ab705e1a141
github.com/devtron-labs/go-bitbucket v0.9.60-beta
github.com/devtron-labs/protos v0.0.3-0.20240802105333-92ee9bb85d80
github.com/evanphx/json-patch v5.7.0+incompatible
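Review bot: common-lib on the changed line is still pinned to a pseudo-version (v0.16.1-0.20240909135009-9ab705e1a141), that is, an untagged commit, and the line gives no hint of what changed between the two pins. Link the common-lib commit or PR that this sync pulls in, and prefer a tagged release so the pin is reviewable and reproducible.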
Expand Down Expand Up @@ -133,6 +133,7 @@ require (
github.com/cloudflare/circl v1.3.7 // indirect
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/docker/cli v24.0.6+incompatible // indirect
github.com/docker/distribution v2.8.2+incompatible // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/emirpasic/gods v1.18.1 // indirect
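Review bot: github.com/docker/cli v24.0.6+incompatible appears as a new indirect requirement, and nothing in this hunk shows which dependency pulls it in. Record the parent (for example from go mod why -m github.com/docker/cli) in the PR description so the enlarged dependency surface is a deliberate choice.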
25 changes: 14 additions & 11 deletions go.sum
Expand Up @@ -69,8 +69,8 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a h1:HbKu58rmZpUGpz5+4FfNmIU+FmZg2P3Xaj2v2bfNWmk=
github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a/go.mod h1:SGnFV6hVsYE877CKEZ6tDNTjaSXYUk6QqoIK6PrAtcc=
github.com/alicebob/miniredis/v2 v2.30.3 h1:hrqDB4cHFSHQf4gO3xu6YKQg8PqJpNjLYsQAFYHstqw=
github.com/alicebob/miniredis/v2 v2.30.3/go.mod h1:b25qWj4fCEsBeAAR2mlb0ufImGC6uH3VlUfb/HS5zKg=
github.com/alicebob/miniredis/v2 v2.30.4 h1:8S4/o1/KoUArAGbGwPxcwf0krlzceva2XVOSchFS7Eo=
github.com/alicebob/miniredis/v2 v2.30.4/go.mod h1:b25qWj4fCEsBeAAR2mlb0ufImGC6uH3VlUfb/HS5zKg=
github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
Expand All @@ -83,17 +83,18 @@ github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2
github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk=
github.com/apparentlymart/go-textseg/v13 v13.0.0 h1:Y+KvPE1NYz0xl601PVImeQfFyEy6iT90AvPUL1NNfNw=
github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkEghdlcqw7yxLeM89kiTRPUo=
github.com/argoproj/argo-cd/v2 v2.8.19 h1:/oY2Hc2PjEK1nujcKnbylyL6XjeB7JrjwXlsNQuKmiE=
github.com/argoproj/argo-cd/v2 v2.8.19/go.mod h1:KlJ82U5ON9ZDddDIhXbW522l2T4wyBwKsFHZYHIcl2Y=
github.com/argoproj/gitops-engine v0.7.1-0.20231013183858-f15cf615b814 h1:oTaLRbCwjnGtScIX2ZRdIEDsiDxonwh9/BbUxdXrjYc=
github.com/argoproj/gitops-engine v0.7.1-0.20231013183858-f15cf615b814/go.mod h1:1TchqKw9XmYYZluyEHa1dTJQoZgbV6PhabB/e8Wf3KY=
github.com/argoproj/argo-cd/v2 v2.9.21 h1:asVFgXfv0pvw7Q9STOhT75sWUU9cIKHRWWrAzJWmRgo=
github.com/argoproj/argo-cd/v2 v2.9.21/go.mod h1:V9EKQR1U5kJV/aLVRgUV46muOStnP6C5c4wTeT6nkoY=
github.com/argoproj/gitops-engine v0.7.1-0.20240715141028-c68bce0f979c h1:kkHx4mvqnUCLruADf1t/aO6yXnLcrl6rhsINaJomukc=
github.com/argoproj/gitops-engine v0.7.1-0.20240715141028-c68bce0f979c/go.mod h1:/GMN0JuoJUUpnKlNLp2Wn/mfK8sglFsdPn+eoxSddmg=
github.com/argoproj/pkg v0.13.7-0.20230627120311-a4dd357b057e h1:kuLQvJqwwRMQTheT4MFyKVM8Txncu21CHT4yBWUl1Mk=
github.com/argoproj/pkg v0.13.7-0.20230627120311-a4dd357b057e/go.mod h1:xBN5PLx2MoK63dmPfMo/PGBvd77K1Y0m/rzZOe4cs1s=
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
github.com/aws/aws-sdk-go v1.44.290 h1:Md4+os9DQtJjow0lWLMzeJljsimD+XS2xwwHDr5Z+Lk=
github.com/aws/aws-sdk-go v1.44.290/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/aws/aws-sdk-go v1.44.317 h1:+8XWrLmGMwPPXSRSLPzhgcGnzJ2mYkgkrcB9C/GnSOU=
github.com/aws/aws-sdk-go v1.44.317/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
Expand Down Expand Up @@ -180,15 +181,17 @@ github.com/devtron-labs/argo-workflows/v3 v3.5.10 h1:6rxQOesOzDz6SgQCMDQNHaehsKF
github.com/devtron-labs/argo-workflows/v3 v3.5.10/go.mod h1:/vqxcovDPT4zqr4DjR5v7CF8ggpY1l3TSa2CIG3jmjA=
github.com/devtron-labs/authenticator v0.4.35-0.20240809073103-6e11da8083f8 h1:2+Q7Jdhpo/uMiaQiZZzAh+ZX7wEJIFuMFG6DEiMuo64=
github.com/devtron-labs/authenticator v0.4.35-0.20240809073103-6e11da8083f8/go.mod h1:702R6WIf5y9UzKGoCGxQ+x3l5Ws+l0fXg2xlCpSGFZI=
github.com/devtron-labs/common-lib v0.16.1-0.20240904131140-b4128b676f6c h1:uF5rx/rvfSddPtJ0YzEjlbu+zBa+MqfmABOy6GYBlWM=
github.com/devtron-labs/common-lib v0.16.1-0.20240904131140-b4128b676f6c/go.mod h1:a7aCClaxYfnyYEENSe1RnkQCeW2AwmCAPYsuvgk0aW0=
github.com/devtron-labs/common-lib v0.16.1-0.20240909135009-9ab705e1a141 h1:Fj4FhBUEu6igP8jmipcSC2CG0iudRhbviNSeg02kEvk=
github.com/devtron-labs/common-lib v0.16.1-0.20240909135009-9ab705e1a141/go.mod h1:rAY9Xd6iz+OqNQ3nO3reVHapAVr1N6Osf4Irdc0A08Q=
github.com/devtron-labs/go-bitbucket v0.9.60-beta h1:VEx1jvDgdtDPS6A1uUFoaEi0l1/oLhbr+90xOwr6sDU=
github.com/devtron-labs/go-bitbucket v0.9.60-beta/go.mod h1:GnuiCesvh8xyHeMCb+twm8lBR/kQzJYSKL28ZfObp1Y=
github.com/devtron-labs/protos v0.0.3-0.20240802105333-92ee9bb85d80 h1:xwbTeijNTf4/j1v+tSfwVqwLVnReas/NqEKeQHvSTys=
github.com/devtron-labs/protos v0.0.3-0.20240802105333-92ee9bb85d80/go.mod h1:ypUknVph8Ph4dxSlrFoouf7wLedQxHku2LQwgRrdgS4=
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/docker/cli v24.0.6+incompatible h1:fF+XCQCgJjjQNIMjzaSmiKJSCcfcXb3TWTcc7GAneOY=
github.com/docker/cli v24.0.6+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8=
github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
Expand Down Expand Up @@ -253,6 +256,8 @@ github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMj
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
github.com/go-git/go-git/v5 v5.11.0 h1:XIZc1p+8YzypNr34itUfSvYJcv+eYdTnTvOZ2vD3cA4=
github.com/go-git/go-git/v5 v5.11.0/go.mod h1:6GFcX2P3NM7FPBfpePbpLd21XxsgdAt+lKqXmCUiUCY=
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
github.com/go-jose/go-jose/v4 v4.0.2 h1:R3l3kkBds16bO7ZFAEEcofK0MkrAJt3jlJznWZG0nvk=
github.com/go-jose/go-jose/v4 v4.0.2/go.mod h1:WVf9LFMHh/QVrmqrOfqun0C45tMe3RoiKJMPvgWwLfY=
github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
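Review bot: go-jose/v3 v3.0.3 is added directly above the existing go-jose/v4 v4.0.2 entries, so checksums for two major versions of the same JOSE library are now recorded. Check with go mod graph which module still requires v3 and whether it can move to v4, so that token handling does not depend on two separately patched copies.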
Expand Down Expand Up @@ -1165,8 +1170,6 @@ gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/mgo.v2 v2.0.0-20160818015218-f2b6f6c918c4/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI=
gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
gopkg.in/tomb.v2 v2.0.0-20161208151619-d5d1b5820637/go.mod h1:BHsqpu/nsuzkT5BpiH1EMZPLyqSMM8JbIavyFACoFNk=
Expand Up @@ -147,8 +147,13 @@ func (impl ImageScanDeployInfoRepositoryImpl) FindByTypeMetaAndTypeId(scanObject

func (impl ImageScanDeployInfoRepositoryImpl) ScanListingWithFilter(request *securityBean.ImageScanFilter, size int, offset int, deployInfoIds []int) ([]*ImageScanListingResponse, error) {
var models []*ImageScanListingResponse
var err error
query := impl.scanListingQueryBuilder(request, size, offset, deployInfoIds)
_, err := impl.dbConnection.Query(&models, query, size, offset)
if len(request.Severity) > 0 {
_, err = impl.dbConnection.Query(&models, query, pg.In(request.Severity), pg.In(request.Severity))

Check failure

Code scanning / CodeQL

Database query built from user-controlled sources High

This query depends on a
user-provided value
.
} else {
_, err = impl.dbConnection.Query(&models, query)

Check failure

Code scanning / CodeQL

Database query built from user-controlled sources High

This query depends on a
user-provided value
.
}
if err != nil {
impl.logger.Error("err", err)
return []*ImageScanListingResponse{}, err
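Review bot: in ScanListingWithFilter the two pg.In(request.Severity) arguments are bound positionally to ? placeholders that are written in a different function, so this call is only correct while the builder emits exactly two of them for a non-empty Severity. Have scanListingQueryBuilder return the query together with its parameter slice and pass both to a single Query call, which also removes the if/else. The CodeQL alerts shown on both calls indicate the query string still depends on user-provided values, so this hunk alone does not clear the finding.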
Expand Down Expand Up @@ -177,8 +182,8 @@ func (impl ImageScanDeployInfoRepositoryImpl) scanListQueryWithoutObject(request
query = query + " AND res.cve_store_name ILIKE '%" + request.CVEName + "%'"
}
if len(request.Severity) > 0 {
severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.Severity)), ","), "[]")
query = query + fmt.Sprintf(" AND (cs.standard_severity IN (%s) OR (cs.severity IN (%s) AND cs.standard_severity IS NULL))", severities, severities)
// use pg.In to inject values here wherever calling this func in case severity exists, to avoid sql injections
query = query + " AND (cs.standard_severity IN (?) OR (cs.severity IN (?) AND cs.standard_severity IS NULL))"
}
if len(request.EnvironmentIds) > 0 {
envIds := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.EnvironmentIds)), ","), "[]")
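Review bot: the context line directly above the changed block still concatenates request.CVEName into the ILIKE pattern (query + " AND res.cve_store_name ILIKE '%" + request.CVEName + "%'"), so a user-supplied string reaches the SQL text in the same function this hunk is fixing. Bind it as a parameter too, with the %...% pattern built in Go and passed alongside the severity values. The EnvironmentIds line below the change is still joined with fmt.Sprint as well; moving it to pg.In would leave the builder with a single way of passing values.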
Expand Down Expand Up @@ -239,8 +244,7 @@ func (impl ImageScanDeployInfoRepositoryImpl) scanListQueryWithObject(request *s
}

if len(request.Severity) > 0 {
severities := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.Severity)), ","), "[]")
query = query + fmt.Sprintf(" AND (cs.standard_severity IN (%s) OR (cs.severity IN (%s) AND cs.standard_severity IS NULL))", severities, severities)
query = query + " AND (cs.standard_severity IN (?) OR (cs.severity IN (?) AND cs.standard_severity IS NULL))"
}
if len(request.EnvironmentIds) > 0 {
envIds := strings.Trim(strings.Join(strings.Fields(fmt.Sprint(request.EnvironmentIds)), ","), "[]")
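Review bot: the severity clause in scanListQueryWithObject is a verbatim copy of the one in scanListQueryWithoutObject, but the comment telling callers to supply pg.In values was added only in the other function. Move the clause into one helper shared by both builders and keep the comment there, so the number of ? placeholders cannot drift between the two paths that ScanListingWithFilter binds to.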