Helm Charts for Data Provision and Data Consumption infrastructure, with DTR, 2x EDCs, Data Storage Service #84
Conversation
|
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" | ||
| spec: | ||
| restartPolicy: Never | ||
| containers: |
Check warning
Code scanning / SonarCloud
Service account permissions should be restricted Medium
| spec: | ||
| restartPolicy: Never | ||
| containers: | ||
| - name: post-install-job |
Check warning
Code scanning / SonarCloud
Memory limits should be enforced Medium
| key.json: |- | ||
| { | ||
| "data": { | ||
| "content": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCw/VaXnS+IrNWr\nDwcYVY+Kz4zwibh1pMUyd53lCvbP3QU2CSPURWGKnSY50PqQODdtbhHHIvrPeNaL\nX0koEdnrxROBk109uGE80sQZxCm7y7CAVxYovg/8g7KQR4TxF6wY5WD8fM0TseRO\nCIF2vYIxMRcvfNOZ2vS9sUYxs5M/I68oyjL/YVolokA9ejemgap9G+voa7q2inaS\n1F3/Pw2EGm7PH1DKkiwTraigs0+mrON7N+/Mltze2Sj9xc07Iahla4QoxN8rBird\nmOxNkqRuNU2B2gQVJal3pOqTvoHUJujG/UIPzHDRxDXj15bQi4uQCTd4Xl5lHiJD\nlgA5moBRAgMBAAECggEAKD8XjYb8G+WHeexDJgSwzTUonLsIg9H52KHMORz+5mIh\nUPoPmHHFfj6BhoSvsZNjAUKWDtU0uPCGwu8iRNcYWa15I841lfcjP3BDEQPjJJXr\nNyf2fUHJA1gURwxIXgWOyCOC5C9h9/BMFPWIsQ5jeFmsJsuJF5OrcyZIar1lxqWu\nQ+HC7f/7JNkpR26uIyGjs1OXwfp+mHqze2Qf8hLWIXcN9tBCQZ75Cg7rarNVimMC\n59QD80JZCHTaCX1ZtE1T8HM+53Ob78lnFCuBfiBT/S3O/NXVsEN9q6rMWKhETVWR\nUX56EqZ7XGSMOzuZyK7kj1QsHzEMrrHjwDSNSjAqFQKBgQC6hEeAWPCEM+WVoF9n\nmhvwZVZv/PPyLAarykBTGoeHR2hqNyih9JmcXL+XQHMlhy1Ka8NtJHvfyB1xhXgF\n/d91i/Yq02+nZoJPNnVWo8zoXIAIq+xg9CBiu0agBxv45PjJkEkQmmEG4Iej1+Kf\n5/+dI7sFjE2T4q/lLK0Aw3x+zQKBgQDy7Ho7eRi5CV1Ks+r5lpGGdM15hbE5tviE\nfmJvaEUh3oWuwdkyFjD/QEPITG1bFuvhATdEEWxTbuswNEbELLhKCPcixcI0sLUO\n6BeNi1YD6ouuqsWBLvmE4hvoDR7RlkpUduxWpZ2tNIDJYYTwCERhcYK9OtHU15kc\nlS0pEjF/lQKBgEh+28/OQgYQqd7ji9GX+94PdW5n0mXBqQIixafHewAgyDvonpl8\nmixFfI6MlXTzuq3ffwEwGhncDV2vc/xYNf/ZW+A/eHmHhYTGdQss9ZsnQPid4m24\n1dGqWwQeX0f5r52gwFV8u9PRd8c+RS7EHP12At5gL1MY3CdmmwPd98jNAoGASvPV\n/xWtICKYi10aCip/+kl9wJoUhadD5LWOL6uvcPTUsIgVONQKCCfPAjU6pJlc7E7Q\nu4rYrqGRpYzrrMnTjtxXTH5SHqnLI69O3Rh50LmEob8FM4fH601MqPurX6WMh6Ut\n5Moy7Wc+uWQCfYE/gAVi/nnwlkhzcJNCnOKFLUUCgYA4nbhLrdEeCBJas2+Z9aGw\n/SurtHF2z2meAPO3VaYslf0D0xKzUIv5hkkzaNgs0pFGt0BcKfTWkYy/Hh4QXZhm\n//ZrqbkVsqzDOcqGwQcDmUEN/T+vprUJVKqpNHXT6fz3OTydxLQ7K7SXzwXWYfRW\ncpjdr0c1tVVLMyNG+Wahrg==\n-----END PRIVATE KEY-----\n" |
Check failure
Code scanning / SonarCloud
Cryptographic private keys should not be disclosed High
| helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" | ||
| spec: | ||
| restartPolicy: Never | ||
| containers: |
Check warning
Code scanning / SonarCloud
Service account permissions should be restricted Medium
| spec: | ||
| restartPolicy: Never | ||
| containers: | ||
| - name: post-install-job |
Check warning
Code scanning / SonarCloud
Memory limits should be enforced Medium
| key.json: |- | ||
| { | ||
| "data": { | ||
| "content": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCw/VaXnS+IrNWr\nDwcYVY+Kz4zwibh1pMUyd53lCvbP3QU2CSPURWGKnSY50PqQODdtbhHHIvrPeNaL\nX0koEdnrxROBk109uGE80sQZxCm7y7CAVxYovg/8g7KQR4TxF6wY5WD8fM0TseRO\nCIF2vYIxMRcvfNOZ2vS9sUYxs5M/I68oyjL/YVolokA9ejemgap9G+voa7q2inaS\n1F3/Pw2EGm7PH1DKkiwTraigs0+mrON7N+/Mltze2Sj9xc07Iahla4QoxN8rBird\nmOxNkqRuNU2B2gQVJal3pOqTvoHUJujG/UIPzHDRxDXj15bQi4uQCTd4Xl5lHiJD\nlgA5moBRAgMBAAECggEAKD8XjYb8G+WHeexDJgSwzTUonLsIg9H52KHMORz+5mIh\nUPoPmHHFfj6BhoSvsZNjAUKWDtU0uPCGwu8iRNcYWa15I841lfcjP3BDEQPjJJXr\nNyf2fUHJA1gURwxIXgWOyCOC5C9h9/BMFPWIsQ5jeFmsJsuJF5OrcyZIar1lxqWu\nQ+HC7f/7JNkpR26uIyGjs1OXwfp+mHqze2Qf8hLWIXcN9tBCQZ75Cg7rarNVimMC\n59QD80JZCHTaCX1ZtE1T8HM+53Ob78lnFCuBfiBT/S3O/NXVsEN9q6rMWKhETVWR\nUX56EqZ7XGSMOzuZyK7kj1QsHzEMrrHjwDSNSjAqFQKBgQC6hEeAWPCEM+WVoF9n\nmhvwZVZv/PPyLAarykBTGoeHR2hqNyih9JmcXL+XQHMlhy1Ka8NtJHvfyB1xhXgF\n/d91i/Yq02+nZoJPNnVWo8zoXIAIq+xg9CBiu0agBxv45PjJkEkQmmEG4Iej1+Kf\n5/+dI7sFjE2T4q/lLK0Aw3x+zQKBgQDy7Ho7eRi5CV1Ks+r5lpGGdM15hbE5tviE\nfmJvaEUh3oWuwdkyFjD/QEPITG1bFuvhATdEEWxTbuswNEbELLhKCPcixcI0sLUO\n6BeNi1YD6ouuqsWBLvmE4hvoDR7RlkpUduxWpZ2tNIDJYYTwCERhcYK9OtHU15kc\nlS0pEjF/lQKBgEh+28/OQgYQqd7ji9GX+94PdW5n0mXBqQIixafHewAgyDvonpl8\nmixFfI6MlXTzuq3ffwEwGhncDV2vc/xYNf/ZW+A/eHmHhYTGdQss9ZsnQPid4m24\n1dGqWwQeX0f5r52gwFV8u9PRd8c+RS7EHP12At5gL1MY3CdmmwPd98jNAoGASvPV\n/xWtICKYi10aCip/+kl9wJoUhadD5LWOL6uvcPTUsIgVONQKCCfPAjU6pJlc7E7Q\nu4rYrqGRpYzrrMnTjtxXTH5SHqnLI69O3Rh50LmEob8FM4fH601MqPurX6WMh6Ut\n5Moy7Wc+uWQCfYE/gAVi/nnwlkhzcJNCnOKFLUUCgYA4nbhLrdEeCBJas2+Z9aGw\n/SurtHF2z2meAPO3VaYslf0D0xKzUIv5hkkzaNgs0pFGt0BcKfTWkYy/Hh4QXZhm\n//ZrqbkVsqzDOcqGwQcDmUEN/T+vprUJVKqpNHXT6fz3OTydxLQ7K7SXzwXWYfRW\ncpjdr0c1tVVLMyNG+Wahrg==\n-----END PRIVATE KEY-----\n" |
Check failure
Code scanning / SonarCloud
Cryptographic private keys should not be disclosed High
|
I know that there are many changes, but it was basically reusing the umbrella, everything is open source already. There is probably some things that need to be done, but feel free to commit to this branch from your forks, or suggest changes, we can make it more slim or optimal. |
|
@mgarciaLKS aqui tenemos secretos, pero nuestro trufflehog no falla, q raro |
You are right, going to take a look. |
WHY
I wanted to provide an example on how could we deploy our EDCs to be able to develop our applications against it.
From the data provider perspective it was also provided a DTR and a Data Storage Service.
Pre-review checks
Please ensure to do as many of the following checks as possible, before asking for committer review: