Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(jans-linux-setup): use sqlconnection instead of mysqlconnection #10161

Merged
merged 1 commit into from
Nov 15, 2024
Merged

fix(jans-linux-setup): use sqlconnection instead of mysqlconnection #10161

merged 1 commit into from
Nov 15, 2024

Conversation

devrimyatar
Copy link
Contributor

Closes #10160

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@devrimyatar devrimyatar added kind-bug Issue or PR is a bug in existing functionality comp-jans-linux-setup Component affected by issue or PR labels Nov 15, 2024
@dryrunsecurity DryRunSecurity
Copy link

DryRun Security Summary

The provided code changes are related to the installation and configuration of a Relational Database Management (RDBM) system, such as MySQL or PostgreSQL, for the Jans application, with a more generic approach to handle different RDBM types and good security practices.

Expand for full summary

Summary:

The provided code changes are related to the installation and configuration of a Relational Database Management (RDBM) system, such as MySQL or PostgreSQL, for the Jans application. The changes introduce a more generic approach to handle different RDBM types, with specific implementation details for MySQL and PostgreSQL. The code follows good security practices, including the generation of random passwords, the creation of unique indexes to maintain data integrity, the use of parameterized SQL queries to prevent SQL injection vulnerabilities, and the handling of the PostgreSQL configuration file to allow access from the local host. Additionally, the code obscures the RDBM password before storing it in the configuration file, which is a good security practice to protect sensitive information.

Files Changed:

  • jans-linux-setup/jans_setup/setup_app/installers/rdbm.py: This file contains the code changes related to the installation and configuration of the RDBM system for the Jans application. The key changes include:
    • Updating the database connection method from mysqlconnection() to sqlconnection() to handle different RDBM types.
    • Implementing the local_install() method to handle the installation and setup of MySQL or PostgreSQL, including creating the database, user, granting privileges, and updating the PostgreSQL configuration file.
    • Generating the necessary SQL commands to create tables based on the Jans schema files, adding comments to the PostgreSQL columns, and creating indexes and unique indexes.
    • Implementing the import_ldif() method to import the LDIF files into the RDBM.
    • Generating the RDBM-specific properties file (e.g., jans-mysql.properties) based on a template.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'jans-linux-setup'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@yurem yurem enabled auto-merge (squash) November 15, 2024 17:22
@yurem yurem merged commit 910f6c8 into main Nov 15, 2024
12 checks passed
@yurem yurem deleted the jans-linux-setup-mysqlconnection-10160 branch November 15, 2024 18:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yuriyz yuriyz yuriyz approved these changes

@yurem yurem yurem approved these changes

@yuriyzz yuriyzz Awaiting requested review from yuriyzz yuriyzz is a code owner

Assignees
No one assigned
Labels
comp-jans-linux-setup Component affected by issue or PR kind-bug Issue or PR is a bug in existing functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix(jans-linux-setup): use sqlconnection instead of mysqlconnection in rdbm installer
3 participants
@devrimyatar @yuriyz @yurem