Detect secrets GitHub action #194
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
August 26, 2024 19:28
…l and openldap-customldif.yaml
lgrateau
approved these changes
Aug 27, 2024
lgrateau
added a commit
that referenced
this pull request
Dec 13, 2024
* Add terraform scripts to provision ODM landing zone on IBM Cloud (#191) * added terraform for ODM on ROKS * updated readme * Update README.md * Link checker * DBACLD-148300 Enable detect secret * DBACLD-148300 Enable detect secret * New pre-commit version * Add script to extract user-group-mgt from entraid * Detect secrets GitHub action (#194) * detect-secrets github action * update .secrets.baseline with secrets from ldap-custom-ssl-secret.yaml and openldap-customldif.yaml * run the github action on push only (not pull_request) --------- Co-authored-by: Frederic Mercier <[email protected]> * send notification to Slack if detect-secrets failed * typo on rtsUser role name * update secret baseline * updated ECS README and docker-compose * update baseline * update with audit for ldap yaml * remove exclude * groups and users synchro * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * API Permissions * Add outbound rule configuration * add RES_URL info * images for datasync * Note on sidecar image * Create Dockerfile * add info about using Amazon root CA and EFS file system * Update README_WITH_CLIENT_SECRET.md * add DC server config edit * update comment in docker-compose file * explain HTTPS mode * resize images display * correct url typo * add info about HTTPS listeners * improve documenentation and add tutorial architecture schema * add steps for runtime to communicate with res notif server * add explanation about restarting runtime * update docker compose file different ECS tasks * Update - target group settings for DC and runtime * update comment in docker files * add TOC * remove : from titles * Update TOC * correct incorrect toc link * file server * check download * Update README.md * replaced by dedicated tutorials * typos * Update README.md * update doc * update for 24.1.0 * DBACLD-155807 validate instructions for using keycloak with ODM * update .secrets.baseline * update nginx ingress to create nlb instead of classic lb in AWS * restore snapshot URL * keycloak parameter change * restore intro that was deleted by TOC generator plugin * update dead link * update dead link * accessing the keycloak console behind a proxy * Review Minikube installation. (#199) * option renamed into "Always display in console" in Create Client wizard * fine-grained permission * First part * Try to fix inline note * Fix inline notes * Try fix * Another try with inline notes * Markdown is painful sometimes * Simplification * Removed user-chosen secret names * GCP changed details in Load Balancer * Markdown (URLs) * DBACLD-155793 Validate Instructions for OKTA as OIDC provider * update wrt ibm licensing service 4.9 * update the script and template file with the same changes as in keycloak-odm-script-original.zip * update instruction for applying licensing 4.9 * update instruction to apply licensing 4.9 for nginx ingress * update LS troubleshooting url * update version to 9.0.0.1 release in dec * update to 9.0.0.1 * Prepare delivery of the new release. DBACLD-157428. Deliver ODM for Developpers charts (#206) * Updated TLS secret name * token reuse * navigation * Force image version (as the doc will be merged to dedicated branches) * Typo * ROKS Review (#207) * integrated changes from Lionel M (#208) * regenerate zip file * regenerate zip file * remove bash on scripts * update jose lib version * missing AZUREAD_TENANT_ID * refactor licensing * .secrets.baseline * rename * update doc and test procedure with case 1.8.5 * Update README-NGINX.md * Update README.md * Update README.md * move to flexible-server 15 * update secret baseline * remove image.tag 9.0.0.0 and re-add back --version 24.1.0 * removed explanation and only focus on latest case * 9.0.0.1 update * push helm values files * Update README-NGINX.md * Update README.md Versioning repo * add ECS Fargate to platform list (#212) * Add License section to ECS README.md * Reformat table in minikube README.md to have better printout in PDF * ibm-entitlement-key is the default as imagePullSecret * Update odm appversion to 9.0.0.1 & chart version to 24.1.0 (#213) * Added load_balancing_resources.png + rewrote part of NGINX * Renaming + accept license * Native Load Balancer screenshots * Renaming * Fixed URLs * Added reference about URL rewrite * Updated version and ingressClass * Revert "ibm-entitlement-key is the default as imagePullSecret" This reverts commit ce8b56b. * Added instructions for correct IBMLicensing CR * Update index.yaml (#215) * broken link * Update README_FINE_GRAIN_PERMISSION.md --------- Co-authored-by: Lionel <[email protected]> Co-authored-by: Mathias Mouly <[email protected]> Co-authored-by: Frederic Mercier <[email protected]> Co-authored-by: Frederic Mercier <[email protected]> Co-authored-by: siasin <[email protected]> Co-authored-by: Pierre-Yves Lochou <[email protected]> Co-authored-by: Pierre-Yves Lochou <[email protected]>
lgrateau
added a commit
that referenced
this pull request
Dec 13, 2024
* ignore broken links whose URL starts with localhost * Fix link checker * #190 * Update README.md * Add terraform scripts to provision ODM landing zone on IBM Cloud (#191) * added terraform for ODM on ROKS * updated readme * Update README.md * Add terraform scripts to provision ODM landing zone on IBM Cloud (#191) * added terraform for ODM on ROKS * updated readme * Update README.md * Link checker * ROKS Schema * DBACLD-148300 Enable detect secret * DBACLD-148300 Enable detect secret * New pre-commit version * Add script to extract user-group-mgt from entraid * Detect secrets GitHub action (#194) * detect-secrets github action * update .secrets.baseline with secrets from ldap-custom-ssl-secret.yaml and openldap-customldif.yaml * run the github action on push only (not pull_request) --------- Co-authored-by: Frederic Mercier <[email protected]> * add GitHub action running detect-secrets * fix detect-secrets github action error * send notification to Slack if detect-secrets failed * send notification to Slack if detect-secrets failed * typo on rtsUser role name * update secret baseline * updated ECS README and docker-compose * update baseline * update with audit for ldap yaml * remove exclude * groups and users synchro * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * Update README_WITH_CLIENT_SECRET.md * API Permissions * Add outbound rule configuration * add RES_URL info * images for datasync * Note on sidecar image * Create Dockerfile * add info about using Amazon root CA and EFS file system * Update README_WITH_CLIENT_SECRET.md * add DC server config edit * update comment in docker-compose file * explain HTTPS mode * resize images display * correct url typo * add info about HTTPS listeners * improve documenentation and add tutorial architecture schema * add steps for runtime to communicate with res notif server * add explanation about restarting runtime * update docker compose file different ECS tasks * Update - target group settings for DC and runtime * update comment in docker files * add TOC * remove : from titles * Update TOC * correct incorrect toc link * file server * check download * Update README.md * replaced by dedicated tutorials * typos * Update README.md * update doc * update for 24.1.0 * DBACLD-155807 validate instructions for using keycloak with ODM * update .secrets.baseline * update nginx ingress to create nlb instead of classic lb in AWS * restore snapshot URL * keycloak parameter change * restore intro that was deleted by TOC generator plugin * update dead link * update dead link * accessing the keycloak console behind a proxy * Review Minikube installation. (#199) * option renamed into "Always display in console" in Create Client wizard * fine-grained permission * First part * Try to fix inline note * Fix inline notes * Try fix * Another try with inline notes * Markdown is painful sometimes * Simplification * Removed user-chosen secret names * GCP changed details in Load Balancer * Markdown (URLs) * DBACLD-155793 Validate Instructions for OKTA as OIDC provider * update wrt ibm licensing service 4.9 * update the script and template file with the same changes as in keycloak-odm-script-original.zip * update instruction for applying licensing 4.9 * update instruction to apply licensing 4.9 for nginx ingress * update LS troubleshooting url * update version to 9.0.0.1 release in dec * update to 9.0.0.1 * Prepare delivery of the new release. DBACLD-157428. Deliver ODM for Developpers charts (#206) * Updated TLS secret name * token reuse * navigation * Force image version (as the doc will be merged to dedicated branches) * Typo * ROKS Review (#207) * integrated changes from Lionel M (#208) * regenerate zip file * regenerate zip file * remove bash on scripts * update jose lib version * missing AZUREAD_TENANT_ID * refactor licensing * .secrets.baseline * rename * update doc and test procedure with case 1.8.5 * Update README-NGINX.md * Update README.md * Update README.md * move to flexible-server 15 * update secret baseline * remove image.tag 9.0.0.0 and re-add back --version 24.1.0 * removed explanation and only focus on latest case * 9.0.0.1 update * push helm values files * Update README.md * Update README-NGINX.md * Update README.md Versioning repo * add ECS Fargate to platform list (#212) * Add License section to ECS README.md * Reformat table in minikube README.md to have better printout in PDF * ibm-entitlement-key is the default as imagePullSecret * Update odm appversion to 9.0.0.1 & chart version to 24.1.0 (#213) * Added load_balancing_resources.png + rewrote part of NGINX * Renaming + accept license * Native Load Balancer screenshots * Renaming * Fixed URLs * Added reference about URL rewrite * Updated version and ingressClass * Revert "ibm-entitlement-key is the default as imagePullSecret" This reverts commit ce8b56b. * Added instructions for correct IBMLicensing CR * Update index.yaml (#215) * broken link * Update README_FINE_GRAIN_PERMISSION.md (#216) * Update README_FINE_GRAIN_PERMISSION.md * Update README_FINE_GRAIN_PERMISSION.md * Update README_FINE_GRAIN_PERMISSION.md --------- Co-authored-by: Frederic Mercier <[email protected]> Co-authored-by: Mathias Mouly <[email protected]> Co-authored-by: Lionel <[email protected]> Co-authored-by: Frederic Mercier <[email protected]> Co-authored-by: siasin <[email protected]> Co-authored-by: Pierre-Yves Lochou <[email protected]> Co-authored-by: Pierre-Yves Lochou <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.