Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Story 11676: Delete mitogen library from ansible sources #1455

Merged
merged 1 commit into from
Sep 7, 2023
Merged

Story 11676: Delete mitogen library from ansible sources #1455

merged 1 commit into from
Sep 7, 2023

Conversation

madoka97
Copy link
Contributor

Suppression de la librairie mitogen et nettoyage de ansible.cfg

@madoka97 madoka97 added the OPS REVIEW Mandatory if deployment/ directory is modified. label Aug 31, 2023
@madoka97 madoka97 added this to the IT 124 milestone Aug 31, 2023
@madoka97 madoka97 self-assigned this Aug 31, 2023
@GiooDev GiooDev changed the title delete mitogen library and clean ansible.cfg Story 11676: Delete mitogen library from ansible sources Aug 31, 2023
@vitam-devops
Copy link
Collaborator

vitam-devops commented Aug 31, 2023
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsc54a78d2-fbac-49af-a5a6-a88e3f205284

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Privacy_Violation /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/service/ProviderService.java: 214 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 111 Attack Vector
MEDIUM Privacy_Violation /api/api-iam/iam-commons/src/main/java/fr/gouv/vitamui/iam/common/utils/IdentityProviderBuilder.java: 110 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/IngestContractInternalController.java: 103 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ArchivalProfileUnitInternalController.java: 106 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/RuleInternalController.java: 113 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AgencyInternalController.java: 109 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/FileFormatInternalController.java: 115 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ManagementContractInternalController.java: 105 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ProfileInternalController.java: 114 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/OntologyInternalController.java: 111 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/AccessContractInternalController.java: 101 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/OperationInternalController.java: 106 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/SecurityProfileInternalController.java: 102 Attack Vector
LOW Log_Forging /api/api-referential/referential-internal/src/main/java/fr/gouv/vitamui/referential/internal/server/rest/ContextInternalController.java: 99 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/SecurityProfileExternalController.java: 130 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/FileFormatExternalController.java: 145 Attack Vector
LOW Log_Forging /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ArchivalProfileUnitController.java: 190 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AgencyController.java: 159 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/AccessContractExternalController.java: 126 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/IngestContractController.java: 144 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ManagementContractExternalController.java: 135 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ArchivalProfileUnitExternalController.java: 145 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/FileFormatController.java: 190 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ManagementContractController.java: 143 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ProfileExternalController.java: 190 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/AccessContractController.java: 143 Attack Vector
LOW Log_Forging /ui/ui-collect/src/main/java/fr/gouv/vitamui/collect/rest/ProjectController.java: 124 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/UserInfoController.java: 103 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/OntologyController.java: 159 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/AgencyExternalController.java: 137 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/SecurityProfileController.java: 156 Attack Vector
LOW Log_Forging /ui/ui-identity/src/main/java/fr/gouv/vitamui/identity/rest/ProviderController.java: 152 Attack Vector
LOW Log_Forging /ui/ui-pastis/src/main/java/fr/gouv/vitamui/pastis/rest/ProfileController.java: 226 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/IngestContractExternalController.java: 124 Attack Vector
LOW Log_Forging /api/api-collect/collect-external/src/main/java/fr/gouv/vitamui/collect/external/server/rest/ProjectExternalController.java: 137 Attack Vector
LOW Log_Forging /ui/ui-commons/src/main/java/fr/gouv/vitamui/ui/commons/rest/ExternalParamProfileController.java: 108 Attack Vector
LOW Log_Forging /ui/ui-referential/src/main/java/fr/gouv/vitamui/referential/rest/ContextController.java: 152 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/ContextExternalController.java: 123 Attack Vector
LOW Log_Forging /api/api-referential/referential-external/src/main/java/fr/gouv/vitamui/referential/external/server/rest/OntologyExternalController.java: 151 Attack Vector

Fixed Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Missing User Instruction /Dockerfile: 10 A user should be specified in the dockerfile, otherwise the image will run as root
HIGH Missing User Instruction /Dockerfile: 10 A user should be specified in the dockerfile, otherwise the image will run as root
HIGH Missing User Instruction /Dockerfile: 11 A user should be specified in the dockerfile, otherwise the image will run as root
HIGH Missing User Instruction /Dockerfile: 10 A user should be specified in the dockerfile, otherwise the image will run as root
HIGH No New Privileges Not Set /vitam-recette.yml: 17 Ensuring the process does not gain any new privileges lessens the risk associated with many operations.
HIGH No New Privileges Not Set /vitam-recette.yml: 54 Ensuring the process does not gain any new privileges lessens the risk associated with many operations.
HIGH No New Privileges Not Set /vitam-dev.yml: 19 Ensuring the process does not gain any new privileges lessens the risk associated with many operations.
HIGH No New Privileges Not Set /docker-compose.yml: 10 Ensuring the process does not gain any new privileges lessens the risk associated with many operations.
HIGH Passwords And Secrets - Generic Password /application.yml: 95 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 22 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 66 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 19 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 28 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 90 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 73 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 52 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 76 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 71 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 22 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 27 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 30 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 38 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 41 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 31 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 52 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 71 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-integration.yml: 47 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 93 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 71 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 29 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 46 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /logstash.yml: 238 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 12 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 108 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 91 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /logstash.yml: 227 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 23 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 87 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 47 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 72 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 141 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 64 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 35 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 31 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 64 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 76 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 76 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /mongo_dev.yml: 37 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 29 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 85 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 49 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 53 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 22 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 119 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 32 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 101 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /cas-server-application-recette.yml: 14 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 30 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 62 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 40 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /logstash.yml: 242 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 40 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 89 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 22 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 48 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 54 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 75 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 80 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 128 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 57 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 24 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /mongo_vars_dev.yml: 36 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 47 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-dev.yml: 99 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 31 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 27 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 42 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 44 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application.yml: 76 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /application-recette.yml: 91 Query to find passwords and secrets in infrastructure code.
HIGH

More results are available on AST platform

@madoka97 madoka97 force-pushed the story_11676_delete_mitogen_lib_vitamui branch from ff22d7d to ce1ab70 Compare August 31, 2023 14:27
@GiooDev GiooDev added the VAS VAS contribution label Aug 31, 2023
@GiooDev GiooDev merged commit 6a1821f into develop Sep 7, 2023
@GiooDev GiooDev deleted the story_11676_delete_mitogen_lib_vitamui branch September 7, 2023 10:03
Regzox pushed a commit that referenced this pull request Sep 11, 2023
@madoka97 @Regzox
Story #11676: Delete mitogen library from ansible sources (#1455)
f614ac0 
Co-authored-by: Mathieu Colin <mathieu.colin.ext@culture.gouv.fr>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bbenaissa bbenaissa bbenaissa approved these changes

@GiooDev GiooDev GiooDev approved these changes

@laedanrex laedanrex laedanrex approved these changes

@achoubiemohamed achoubiemohamed Awaiting requested review from achoubiemohamed

Assignees

@madoka97 madoka97

Labels
OPS REVIEW Mandatory if deployment/ directory is modified. VAS VAS contribution
Projects
None yet
Milestone
IT 124
Development

Successfully merging this pull request may close these issues.
5 participants
@madoka97 @vitam-devops @bbenaissa @GiooDev @laedanrex