Updated documentation

Audit GHA Using jfrog repo for dependencies
Engineering-Research-and-Development · Feb 12, 2024 · 78e45a9 · 78e45a9
1 parent 2c8e2d0
commit 78e45a9
Show file tree

Hide file tree

Showing 14 changed files with 279 additions and 119 deletions.
diff --git a/.github/workflows/ECC.yml b/.github/workflows/ECC.yml
@@ -24,9 +24,6 @@ jobs:
           java-version: '11'
           cache: maven
 
-      - name: Install maven dependencies
-        run: ./ci/mavenDependency.sh      
-
       - name: Build with Maven
         run: mvn clean package
 

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
@@ -21,9 +21,6 @@ jobs:
       with:
         java-version: '11'
         distribution: 'temurin'
-    - name: Install maven dependencies
-      run: ./ci/mavenDependency.sh      
-    - name: Build with Maven
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         GH_PACKAGE_REPO_PASSWORD: ${{ secrets.GH_PACKAGE_REPO_PASSWORD }}

diff --git a/.github/workflows/maven_release.yml b/.github/workflows/maven_release.yml
@@ -30,9 +30,6 @@ jobs:
       uses: webfactory/[email protected]
       with:
         ssh-private-key: ${{ secrets.SSH_KEY }}
-
-    - name: Install maven dependencies
-      run: ./ci/mavenDependency.sh      
 
     - name: Release with Maven
       env:

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,21 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [1.14.8] - 2024-02-14
+
+### Added
+
+ - Audit logs stored in database
+ - New endpoint for fetching audit events
+
+### Changed
+
+ - Using JFrog for IDS dependency management
+
+### Removed
+
+ - Audit events are not stored into file with this change but in DB onlys
+
 ## [1.14.7] - 2024-01-19
 
 ### Added

diff --git a/ci/docker/ecc_resources_consumer/application-docker.properties b/ci/docker/ecc_resources_consumer/application-docker.properties
@@ -183,5 +183,18 @@ application.selfdescription.filelocation=/home/nobody/data/sd
 application.selfdescription.inboundModelVersion=4.0.0,4.1.0,4.1.2,4.2.0,4.2.1,4.2.2,4.2.3,4.2.4,4.2.5,4.2.6,4.2.7
 application.selfdescription.defaultEndpoint=
 
+#H2 properties
+spring.datasource.url=jdbc:h2:file:./audit_logs_sender;CIPHER=AES
+spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
+spring.datasource.driver-class-name=org.h2.Driver
+
+spring.jpa.show-sql=false
+spring.jpa.generate-ddl=true
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
+spring.h2.console.enabled=true
+spring.datasource.username=sa
+spring.datasource.password=file_password password
+
 #For logging the response over WSS set to DEBUG, else leave empty
 #logging.level.it.eng.idsa.businesslogic.processor.receiver=
diff --git a/ci/docker/ecc_resources_provider/application-docker.properties b/ci/docker/ecc_resources_provider/application-docker.properties
@@ -186,5 +186,18 @@ application.selfdescription.filelocation=/home/nobody/data/sd
 application.selfdescription.inboundModelVersion=4.0.0,4.1.0,4.1.2,4.2.0,4.2.1,4.2.2,4.2.3,4.2.4,4.2.5,4.2.6,4.2.7
 application.selfdescription.defaultEndpoint=
 
+#H2 properties
+spring.datasource.url=jdbc:h2:file:./audit_logs_receiver;CIPHER=AES
+spring.jpa.database-platform=org.hibernate.dialect.H2Dialect
+spring.datasource.driver-class-name=org.h2.Driver
+
+spring.jpa.show-sql=false
+spring.jpa.generate-ddl=true
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.properties.hibernate.jdbc.lob.non_contextual_creation=true
+spring.h2.console.enabled=true
+spring.datasource.username=sa
+spring.datasource.password=file_password password
+
 #For logging the response over WSS set to DEBUG, else leave empty
 #logging.level.it.eng.idsa.businesslogic.processor.receiver=
diff --git a/ci/docker/test-cases/https-https-form/HTTPS-HTTPS-form-API.json b/ci/docker/test-cases/https-https-form/HTTPS-HTTPS-form-API.json
@@ -1,6 +1,6 @@
 {
 	"info": {
-		"_postman_id": "6ef42754-a67c-4321-b679-ca0dc818c213",
+		"_postman_id": "dcc7e70f-8709-4412-898a-be604e89c13d",
 		"name": "GHA API Tests",
 		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
 		"_exporter_id": "12578087"
@@ -504,6 +504,169 @@
 				}
 			},
 			"response": []
+		},
+		{
+			"name": "HTTPS-HTTPS-form-Audit_logs",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"var jsonData = pm.response.json();\r",
+							"pm.response.to.be.ok;\r",
+							""
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "username",
+							"value": "apiUser",
+							"type": "string"
+						},
+						{
+							"key": "password",
+							"value": "password",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://localhost:8090/api/audit/",
+					"protocol": "https",
+					"host": [
+						"localhost"
+					],
+					"port": "8090",
+					"path": [
+						"api",
+						"audit",
+						""
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "HTTPS-HTTPS-form-Audit_logs_date_invalid",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"pm.test(\"Invalid date param for audit logs\", function () {\r",
+							"  pm.response.to.have.status(400);\r",
+							"});"
+						],
+						"type": "text/javascript"
+					}
+				},
+				{
+					"listen": "prerequest",
+					"script": {
+						"exec": [
+							"var moment = require('moment');\r",
+							"pm.environment.set('currentdate', moment().format((\"YYYY-MM-DD\")));"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "username",
+							"value": "apiUser",
+							"type": "string"
+						},
+						{
+							"key": "password",
+							"value": "password",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://localhost:8090/api/audit/?date=invalid_date",
+					"protocol": "https",
+					"host": [
+						"localhost"
+					],
+					"port": "8090",
+					"path": [
+						"api",
+						"audit",
+						""
+					],
+					"query": [
+						{
+							"key": "date",
+							"value": "invalid_date"
+						}
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "HTTPS-HTTPS-form-Audit_logs_unauthorized",
+			"event": [
+				{
+					"listen": "test",
+					"script": {
+						"exec": [
+							"pm.test(\"Unauthorized user for audit logs\", function () {\r",
+							"  pm.response.to.have.status(401);\r",
+							"});"
+						],
+						"type": "text/javascript"
+					}
+				}
+			],
+			"request": {
+				"auth": {
+					"type": "basic",
+					"basic": [
+						{
+							"key": "username",
+							"value": "unauth",
+							"type": "string"
+						},
+						{
+							"key": "password",
+							"value": "password",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://localhost:8090/api/audit/",
+					"protocol": "https",
+					"host": [
+						"localhost"
+					],
+					"port": "8090",
+					"path": [
+						"api",
+						"audit",
+						""
+					]
+				}
+			},
+			"response": []
 		}
 	],
 	"variable": [

diff --git a/ci/mavenDependency.sh b/ci/mavenDependency.sh