8000 fix(jans-linux-setup): remove/rename old variable/file names by devrimyatar · Pull Request #8991 · JanssenProject/jans · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix(jans-linux-setup): remove/rename old variable/file names #8991

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 22, 2024
Merged

fix(jans-linux-setup): remove/rename old variable/file names #8991

merged 3 commits into from
Jul 22, 2024

Conversation

devrimyatar
Copy link
Contributor

closes #8913

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@devrimyatar
fix(jans-linux-setup): remove/rename old variable/file names
c6c864e 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
@devrimyatar devrimyatar added kind-bug Issue or PR is a bug in existing functionality comp-jans-linux-setup Component affected by issue or PR labels Jul 20, 2024
@devrimyatar devrimyatar marked this pull request as draft July 20, 2024 12:17
@dryrunsecurity DryRunSecurity
Copy link
dryrunsecurity bot commented Jul 20, 2024
edited
Loading

DryRun Security Summary

The pull request covers a wide range of updates and improvements to the Jans Linux setup script and its associated components, focusing on aligning the codebase with the new "Jans" branding, removing support for deprecated components, and enhancing the security and configuration management of various Jans services.

Expand for full summary

Summary:

The code changes in this pull request cover a wide range of updates and improvements to the Jans Linux setup script and its associated components. The changes focus on aligning the codebase with the new "Jans" branding, removing support for deprecated components (e.g., OXD), and enhancing the security and configuration management of various Jans services, such as Jans Auth, Jans SAML, Jans Lock, and others.

From an application security perspective, the key changes include:

  1. Improved naming conventions and removal of unused components, which can help reduce the attack surface.
  2. Secure configuration management, such as handling of sensitive information (passwords, certificates, etc.) and integration with LDAP, SQL, and Couchbase backends.
  3. Enhancements to the Jetty service installation and configuration, ensuring proper security settings.
  4. Integration with security-focused components like the Open Policy Agent (OPA) and FIDO2, which can improve the overall security posture.
  5. Secure certificate management, including the generation, storage, and usage of SSL/TLS certificates.

Overall, the changes appear to be focused on improving the security and maintainability of the Jans Linux setup process, while also modernizing the application and aligning it with the new "Jans" branding. As an application security engineer, I would recommend thoroughly reviewing the changes and their impact on the overall security of the Jans platform.

Files Changed:

  1. jans-linux-setup/jans_setup/setup.properties.sample: Changes related to the setup configuration file, including the renaming of the installFido2 parameter and the removal of commented-out lines for remote MySQL database support.
  2. jans-linux-setup/jans_setup/schema/jans_schema_mappings.json: Updates to the LDAP attribute mappings, renaming oxAuthConfDynamic to jans_auth_conf_dynamic.
  3. jans-linux-setup/jans_setup/jans_setup.py: Removal of commented-out code related to the OXD (OpenID Connect Delegate) installer, indicating a move away from this component.
  4. jans-linux-setup/docs/README.md: Documentation updates related to the config.py file and the configuration management process.
  5. jans-linux-setup/jans_setup/setup_app/config.py: Refactoring of configuration settings, including renaming of properties and removal of OXD-related options.
  6. jans-linux-setup/jans_setup/setup_app/installers/config_api.py: Changes to the Jans Config API installation and configuration, including OAuth2 protection and endpoint injection settings.
  7. jans-linux-setup/jans_setup/setup_app/installers/httpd.py: Updates to the Apache HTTP server configuration management, including SSL/TLS certificate generation and module management.
  8. jans-linux-setup/jans_setup/setup_app/installers/fido.py: Changes to the FIDO2 server installation and configuration, including integration with the Configuration API.
  9. jans-linux-setup/jans_setup/setup_app/installers/jans.py: Renaming of variables and updates to the Jans Auth Server installation and configuration.
  10. jans-linux-setup/jans_setup/setup_app/installers/jans_auth.py: Improvements to the Jans Auth Server installation, including OpenID Connect key generation and role-scope mappings.
  11. jans-linux-setup/jans_setup/setup_app/installers/jans_keycloak_link.py: Changes to the Jans Keycloak Link installation and configuration.
  12. jans-linux-setup/jans_setup/setup_app/installers/jans_casa.py: Updates to the Jans Casa application installation and configuration.
  13. jans-linux-setup/jans_setup/setup_app/installers/jans_link.py: Changes to the Jans Link service installation and configuration.
  14. jans-linux-setup/jans_setup/setup_app/installers/jetty.py: Renaming of variables and methods related to the Jetty application server installation.
  15. `jans-linux-setup/jans_setup/setup_

Code Analysis

We ran 9 analyzers against 30 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Authn/Authz Analyzer 42 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto mo-auto added the area-documentation Documentation needs to change as part of issue or PR label Jul 20, 2024
@devrimyatar devrimyatar marked this pull request as ready for review July 20, 2024 12:30
@yuriyz yuriyz merged commit 1bde131 into main Jul 22, 2024
1 of 2 checks passed
@yuriyz yuriyz deleted the jans-linux-setup-variable-names-8913 branch July 22, 2024 09:07
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
5 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

This was referenced Aug 15, 2024
Merged
Merged
Merged
Merged
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
@devrimyatar
fix(jans-linux-setup): remove/rename old variable/file names (#8991)
86A8 36e39a2 
Signed-off-by: Mustafa Baser <mbaser@mail.com>
Former-commit-id: 1bde131
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@yuriyzz yuriyzz yuriyzz approved these changes

@yurem yurem Awaiting requested review from yurem yurem is a code owner

Assignees
No one assigned
Labels
area-documentation Documentation needs to change as part of issue or PR comp-jans-linux-setup Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix(jans-linux-setup): linux installer setup.properties
4 participants
@devrimyatar @yuriyz @yuriyzz @mo-auto
0