Merge remote-tracking branch 'upstream/fix/metadata-gateway' into fix…

…/local-deployment
ACED-IDP · Apr 11, 2024 · 258fce8 · 258fce8
2 parents 0782c8f + 0dcaa3a
commit 258fce8
Show file tree

Hide file tree

Showing 28 changed files with 166 additions and 148 deletions.
diff --git a/.secrets.baseline b/.secrets.baseline
@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2023-06-05T18:40:35Z",
+  "generated_at": "2024-04-02T20:57:28Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -108,6 +108,15 @@
         "type": "Secret Keyword"
       }
     ],
+    "docs/kubernetes-in-docker.md": [
+      {
+        "hashed_secret": "5320294d100314ce19330d99abada8c26c4993a3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 96,
+        "type": "Secret Keyword"
+      }
+    ],
     "examples/gke_dev_values.yaml": [
       {
         "hashed_secret": "75cb4c02576c9abae38fadc84bc832f2af203f3e",
@@ -143,18 +152,25 @@
       }
     ],
     "helm/audit/README.md": [
+      {
+        "hashed_secret": "a04a85e28ae4f699c0f8d014ad41160c9b9206f0",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 39,
+        "type": "Secret Keyword"
+      },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 64,
+        "line_number": 65,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 84,
+        "line_number": 85,
         "type": "Secret Keyword"
       }
     ],
@@ -210,7 +226,7 @@
     ],
     "helm/fence/README.md": [
       {
-        "hashed_secret": "4d10c0e4e0b7e73c9e709a15b81dbfa7ed3d91cc",
+        "hashed_secret": "7f57cb0116aa983d9844a39f6da9244cf98036b1",
         "is_secret": false,
         "is_verified": false,
         "line_number": 92,
@@ -220,28 +236,28 @@
         "hashed_secret": "b266a6d0f00bb36f6b98134bf4cec71f2d7943a3",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 100,
+        "line_number": 102,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 125,
+        "line_number": 127,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 152,
+        "line_number": 154,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "9d8fada0e01336e865c461bb3549084d206fe6da",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 198,
+        "line_number": 200,
         "type": "Secret Keyword"
       }
     ],
@@ -305,23 +321,23 @@
         "hashed_secret": "5d07e1b80e448a213b392049888111e1779a52db",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 1957,
+        "line_number": 1961,
         "type": "Secret Keyword"
       }
     ],
     "helm/gen3/README.md": [
       {
-        "hashed_secret": "b266a6d0f00bb36f6b98134bf4cec71f2d7943a3",
+        "hashed_secret": "7422c958ec5a8e5f87c9e81cdf426ef0e193332c",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 99,
+        "line_number": 75,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "1740c48fa3141d4851b14f97e3bc0f46f7670672",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 127,
+        "line_number": 107,
         "type": "Secret Keyword"
       }
     ],
@@ -330,7 +346,7 @@
         "hashed_secret": "9b5925ea817163740dfb287a9894e8ab3aba2c18",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 174,
+        "line_number": 176,
         "type": "Secret Keyword"
       }
     ],
@@ -369,25 +385,32 @@
       }
     ],
     "helm/indexd/README.md": [
+      {
+        "hashed_secret": "167402961a8c8a8b3764e865e865efa9ada95369",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 30,
+        "type": "Secret Keyword"
+      },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 54,
+        "line_number": 55,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 73,
+        "line_number": 74,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "1cc98556e7b1353c7bd08344f9190808b0d3d6d4",
         "is_secret": true,
         "is_verified": false,
-        "line_number": 107,
+        "line_number": 108,
         "type": "Secret Keyword"
       }
     ],
@@ -401,11 +424,18 @@
       }
     ],
     "helm/manifestservice/README.md": [
+      {
+        "hashed_secret": "cc524de4657898e872ff46e0a9256f4e186cdfe6",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 36,
+        "type": "Secret Keyword"
+      },
       {
         "hashed_secret": "611f2e9064b518afdb23f201321f39029dd28917",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 70,
+        "line_number": 86,
         "type": "Secret Keyword"
       }
     ],
@@ -419,18 +449,25 @@
       }
     ],
     "helm/metadata/README.md": [
+      {
+        "hashed_secret": "cbdb7939a61698c9c866ea614399ef7eb7770c68",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 49,
+        "type": "Secret Keyword"
+      },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 72,
+        "line_number": 74,
         "type": "Secret Keyword"
       },
       {
         "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 91,
+        "line_number": 93,
         "type": "Secret Keyword"
       }
     ],
@@ -496,35 +533,35 @@
         "hashed_secret": "eb9739c6625f06b4ab73035223366dda6262ae77",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 37,
+        "line_number": 38,
         "type": "Base64 High Entropy String"
       },
       {
         "hashed_secret": "08eeb737b239bdb7362a875b90e22c10b8826b20",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 41,
+        "line_number": 42,
         "type": "Base64 High Entropy String"
       },
       {
         "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 60,
+        "line_number": 61,
         "type": "Secret Keyword"
       }
     ],
     "helm/portal/values.yaml": [
       {
         "hashed_secret": "08eeb737b239bdb7362a875b90e22c10b8826b20",
         "is_verified": false,
-        "line_number": 472,
+        "line_number": 478,
         "type": "Base64 High Entropy String"
       },
       {
         "hashed_secret": "eb9739c6625f06b4ab73035223366dda6262ae77",
         "is_verified": false,
-        "line_number": 475,
+        "line_number": 481,
         "type": "Base64 High Entropy String"
       }
     ],
@@ -650,27 +687,6 @@
         "is_verified": false,
         "line_number": 79,
         "type": "Secret Keyword"
-      },
-      {
-        "hashed_secret": "c2c4e52c03a03ce3efeb21eb202d301018d4548e",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 100,
-        "type": "Secret Keyword"
-      },
-      {
-        "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 109,
-        "type": "Secret Keyword"
-      },
-      {
-        "hashed_secret": "fa4497447699cdb0a81c66a7f21af28a75170195",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 111,
-        "type": "Secret Keyword"
       }
     ],
     "helm/sheepdog/sheepdog-secret/config_helper.py": [
@@ -682,7 +698,7 @@
         "type": "Basic Auth Credentials"
       }
     ],
-    "helm/sheepdog/sheepdog-secret/wsgi.py": [
+    "helm/sheepdog/sheepdog-secret/settings.py": [
       {
         "hashed_secret": "347cd9c53ff77d41a7b22aa56c7b4efaf54658e3",
         "is_secret": false,
@@ -691,15 +707,6 @@
         "type": "Basic Auth Credentials"
       }
     ],
-    "helm/sheepdog/values.yaml": [
-      {
-        "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
-        "is_secret": false,
-        "is_verified": false,
-        "line_number": 233,
-        "type": "Secret Keyword"
-      }
-    ],
     "helm/sower/README.md": [
       {
         "hashed_secret": "2546383b95bb44732e9be6a877fd476c0442fdab",

diff --git a/helm/fence/Chart.yaml b/helm/fence/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.16
+version: 0.1.17
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to

diff --git a/helm/fence/README.md b/helm/fence/README.md
@@ -1,6 +1,6 @@
 # fence
 
-![Version: 0.1.16](https://img.shields.io/badge/Version-0.1.16-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square)
+![Version: 0.1.17](https://img.shields.io/badge/Version-0.1.17-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square)
 
 A Helm chart for gen3 Fence
 
@@ -89,8 +89,10 @@ A Helm chart for gen3 Fence
 | datadogProfilingEnabled | bool | `true` | If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. |
 | datadogTraceSampleRate | int | `1` | A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. |
 | env | list | `[{"name":"GEN3_UWSGI_TIMEOUT","valueFrom":{"configMapKeyRef":{"key":"uwsgi-timeout","name":"manifest-global","optional":true}}},{"name":"DD_AGENT_HOST","valueFrom":{"fieldRef":{"fieldPath":"status.hostIP"}}},{"name":"AWS_STS_REGIONAL_ENDPOINTS","value":"regional"},{"name":"PYTHONPATH","value":"/var/www/fence"},{"name":"GEN3_DEBUG","value":"False"},{"name":"FENCE_PUBLIC_CONFIG","valueFrom":{"configMapKeyRef":{"key":"fence-config-public.yaml","name":"manifest-fence","optional":true}}},{"name":"PGHOST","valueFrom":{"secretKeyRef":{"key":"host","name":"fence-dbcreds","optional":false}}},{"name":"PGUSER","valueFrom":{"secretKeyRef":{"key":"username","name":"fence-dbcreds","optional":false}}},{"name":"PGPASSWORD","valueFrom":{"secretKeyRef":{"key":"password","name":"fence-dbcreds","optional":false}}},{"name":"PGDB","valueFrom":{"secretKeyRef":{"key":"database","name":"fence-dbcreds","optional":false}}},{"name":"DBREADY","valueFrom":{"secretKeyRef":{"key":"dbcreated","name":"fence-dbcreds","optional":false}}},{"name":"DB","value":"postgresql://$(PGUSER):$(PGPASSWORD)@$(PGHOST):5432/$(PGDB)"},{"name":"INDEXD_PASSWORD","valueFrom":{"secretKeyRef":{"key":"fence","name":"indexd-service-creds"}}},{"name":"gen3Env","valueFrom":{"configMapKeyRef":{"key":"hostname","name":"manifest-global"}}}]` | Environment variables to pass to the container |
-| externalSecrets | map | `{"createK8sFenceSecrets":false,"dbcreds":null,"fenceConfig":null,"fenceGoogleAppCredsSecret":null,"fenceGoogleStorageCredsSecret":null,"fenceJwtKeys":null}` | External Secrets settings. |
-| externalSecrets.createK8sFenceSecrets | string | `false` | Will create the Helm "fence-config", "fence-google-app-creds-secret", "fence-google-storage-creds-secret", and "fence-jwt-keys" secrets even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. |
+| externalSecrets | map | `{"createK8sFenceConfigSecret":false,"createK8sGoogleAppSecrets":false,"createK8sJwtKeysSecret":false,"dbcreds":null,"fenceConfig":null,"fenceGoogleAppCredsSecret":null,"fenceGoogleStorageCredsSecret":null,"fenceJwtKeys":null}` | External Secrets settings. |
+| externalSecrets.createK8sFenceConfigSecret | string | `false` | Will create the Helm "fence-config" secret even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. |
+| externalSecrets.createK8sGoogleAppSecrets | string | `false` | Will create the Helm "fence-google-app-creds-secret" and "fence-google-storage-creds-secret" secrets even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. |
+| externalSecrets.createK8sJwtKeysSecret | string | `false` | Will create the Helm "fence-jwt-keys" secret even if Secrets Manager is enabled. This is helpful if you are wanting to use External Secrets for some, but not all secrets. |
 | externalSecrets.dbcreds | string | `nil` | Will override the name of the aws secrets manager secret. Default is "Values.global.environment-.Chart.Name-creds" |
 | externalSecrets.fenceConfig | string | `nil` | Will override the name of the aws secrets manager secret. Default is "fence-config" |
 | externalSecrets.fenceGoogleAppCredsSecret | string | `nil` | Will override the name of the aws secrets manager secret. Default is "fence-google-app-creds-secret" |