Skip to content

Latest commit

 

History

History
195 lines (194 loc) · 38.5 KB

CHANGELOG.md

File metadata and controls

195 lines (194 loc) · 38.5 KB

v0.1.0 - 2024-12-25

Bug Fixes

  • (#137) remove the dependency vulnerability suppression - (95995d0) - abhisheksr01
  • (#137) temporary suppress spring dependency vulnerabilities - (90e75f2) - abhisheksr01
  • (#146) docker image vulnerabilities - (deedd3b) - abhisheksr01
  • (#147) concourse pipeline failure - (346797c) - abhisheksr01
  • (#210) pitest mutation tests not running - (ba80428) - abhisheksr01
  • (#214) add clean to jacoco gradle task in cirleci - (d2a6e90) - abhisheksr01
  • (#220) vulnerabilities in ci.Dockerfile image and allow 1 high - (e18fb21) - abhisheksr01
  • (#273) hadolint errors in ci.Dockerfile - (ad4d827) - abhisheksr01
  • (#74) failing acceptance test in pipeline - (276a1f2) - abhisheksr01
  • (.mergify.yml) update base branch to master - (31e2350) - abhisheksr01
  • (Dockerfile) #106 use non root user for building container image - (28aa2a7) - abhisheksr01
  • (build.gradle) disable generating plain jar file causing docker image build error - (6fbb198) - abhisheksr01
  • (ci.Dockerfile) bump dependencies of gradle & fix docker vulnerability - (0a84edc) - abhisheksr01
  • (concourse-ci/pipeline.yml) health job script path & pen test job hanging - (f5ac163) - abhisheksr01
  • (config.yml) deploy the image built in pipeline rather then latest - (98b87aa) - abhisheksr01
  • (create-repo-visualization.yml) fix Github Action failure - (a74dfa9) - abhisheksr01
  • Update pr.yml to use PUseNVDKey - (0e6b1f3) - Abhishek Singh Rajput
  • use openjdk:17 instead of highly vulnerable openjdk:17-ea-22-oracle - (a317a8b) - abhisheksr01
  • replace dockerbase alpine image to openjdk:17-ea-22-oracle - (aa4d520) - abhisheksr01
  • CKV_DOCKER_3: Ensure that a user for the container has been created - (7ed29f1) - abhisheksr01
  • checkstyle * import warnings (#86) - (f82ea2e) - Neha-Rajput

Build system

  • (#220) bump jdk to 21 and gradle to 8.4 - (ac8b9c5) - abhisheksr01
  • (#271) use gradle 8.5 and openjdk 21 base images in the Dockerfile - (b08355e) - abhisheksr01
  • (#287) rename default master branch to main - (43b468b) - abhisheksr01

Continuous Integration

  • (#212) use the cimg/openjdk:21.0.0 image in sast circleci job - (f1eb4f8) - abhisheksr01
  • (#212) use the base-jdk image in sast circleci job - (7d49d21) - abhisheksr01
  • (#212) add SNYK_TOKEN and command arg in circleci sast job - (b5ec2e0) - abhisheksr01
  • (#212) implement Snyk SAST in circleci pipeline - (1a7095d) - abhisheksr01
  • (#272) update dependency vulnerability cache path - (90b66f7) - abhisheksr01
  • (#272) update cache path to trigger a new cache - (460dad0) - abhisheksr01
  • (#272) update cache path for owasp dependencycheck - (bf4dc59) - abhisheksr01
  • (#276) update cache key reference in github actions - (bf02bc4) - abhisheksr01
  • (#276) use nvd api key and cache action in github action - (52aba3b) - abhisheksr01
  • (#276) add build,test and dependency scan jobs in github actions - (f4933c0) - abhisheksr01
  • (#276) add dependabot config for github actions - (795ad89) - abhisheksr01
  • (#281) bump java 17 to 21 in concourse,sdk config and README - (da73398) - abhisheksr01
  • (#281) bump java 17 to 21 in azure pipeline - (a3cbc50) - abhisheksr01
  • (#281) bump java 17 to 21 in gcp cloud build pipeline - (0b1bf29) - abhisheksr01
  • (#282) add support for local concourse mac m1 - (a23d459) - abhisheksr01
  • (#283) remove_class:arm as now dind-utils image supports both arm and amd architectures - (97bd4f9) - abhisheksr01
  • (#283) use arm class for the dind-utils image in circleci job - (927e2f4) - abhisheksr01
  • (pipeline.yml) #275 add cocogitto based conventional-commit-check job in GHA - (deb75d2) - abhisheksr01
  • (pipeline.yml) #276 add docker-build-push job in GHA workflow - (731bdb0) - abhisheksr01
  • (pipeline.yml) #276 uncomment the GHA pipeline - (0796eab) - abhisheksr01
  • (pipeline.yml) #106 fix sast jobs in github actions - (f6a3ffc) - abhisheksr01
  • (pipeline.yml) #276 add static analysis jobs in github action - (ae40d5d) - abhisheksr01
  • update sarif report path for trivy sast job - (5001ba0) - Abhishek Singh Rajput
  • add trivy dockerfile sast scan - (2ff9955) - Abhishek Singh Rajput

Documentation

  • (#281) update hadolint instructions - (06233f3) - abhisheksr01
  • (README.md) update kubernetes instructions - (0739b33) - Abhishek Singh Rajput

Features

  • (#106) update README with snyk info - (4671589) - abhisheksr01
  • (#106) update README with devsecops intro - (0fd6c77) - abhisheksr01
  • (#106) add circleci job to scan IAM using checkov - (31e9dce) - abhisheksr01
  • (#136) change java version in github actions executor - (213cb2b) - abhisheksr01
  • (#136) add github action to execute tests on PR branches - (02374ac) - abhisheksr01
  • (#15) add mergify for auto mergin dependabot PR's - (d2b2477) - abhisheksr01
  • (Jenkinsfile) Added Jenkinsfile for git pull,build & testing stages - (4b8f6de) - abhisheksr01
  • (cloudbuild.yaml,Dockerfile) CI/CD through Google Cloud Build & Cloud Run - (4d0cbd7) - abhisheksr01
  • (config.yml) add helm lint in circleci job - (95a683d) - abhisheksr01
  • (hadolint) add hodalint dockerfile linting instructions - (0019e0b) - abhisheksr01
  • (hadolint) add hadolint in circleci & fix dockerfile linting - (8a72d9e) - abhisheksr01
  • (pipeline.ym) add concourse job for helm deployment - (4224ef9) - abhisheksr01
  • (pipeline.yml) concourse add healthcheck,acceptance,pen,performance test jobs - (e0df193) - abhisheksr01
  • (pipeline.yml) concourse add docker-build-scan-push job - (2071ed6) - abhisheksr01
  • add check if crn is alphanumeric - (83f819f) - abhisheksr01
  • create repo visualization - (54aa3a1) - abhisheksr01

Miscellaneous Chores

  • (#106) move checkov iac scan job to circleci scheduled workflow - (b6db47b) - abhisheksr01
  • (#118) failing k8s deployment stage in circleci - (2e81774) - abhisheksr01-informa
  • (#118) bump dependencies with a workaround fix - (ce7ac5a) - abhisheksr01-informa
  • (#212) remove references to checkstyle in build.gradle - (d12265c) - abhisheksr01
  • (#220) update vulnerability-checks.sh to allow 1 high vulnerability - (d1e0dfa) - abhisheksr01
  • (#273) only pick 1st occurance of the trivy scan status - (29b6e3c) - abhisheksr01
  • (#286) remove unwanted annotation - (1f7a461) - abhisheksr01
  • (#286) add Controller Integration Test - (7f0bb47) - abhisheksr01
  • (README.md) make README bash command copiable - (8a6cdad) - abhisheksr01
  • (README.md) Update Jenkins installation guide - (e0fcb4c) - abhisheksr01
  • (buil.gradle) bump dependencies - (7787e6b) - abhisheksr01
  • (build.gradle) bump owasp dependencycheck dependency - (0f9c06b) - abhisheksr01
  • (build.gradle) bump dependencies - (6247a76) - abhisheksr01
  • (build.gradle) bump dependencies - (74aaaf2) - abhisheksr01
  • (build.gradle) bump dependencies - (e066f5d) - abhisheksr01
  • (build.gradle) bump dependencies - (c80e700) - abhisheksr01
  • (build.gradle) bump dependencies - (d4f76aa) - abhisheksr01
  • (build.gradle) bump ioCucumber to 6.10.4 - (f08c4f1) - abhisheksr01
  • (build.gradle) bump dependencies - (07ece0e) - abhisheksr01
  • (build.gradle) bump dependencies - (3b136af) - abhisheksr01
  • (build.gradle,README.md) bump dependencies & update concourse README instructions - (4b874e7) - abhisheksr01
  • (build.gradle,gradle-w.prop) bump depdencies & gradlew version - (dd97431) - abhisheksr01
  • (concourse-ci) use specific tags instead of latest in docker-compose.yml - (7d0b88a) - abhisheksr01
  • (config.yml) stop circleci executing on PR in favour of GithubActions - (08e8733) - abhisheksr01
  • (config.yml) bump the circleci java executor - (2e7fcbf) - abhisheksr01
  • (dependabot.yml) remove the unwanted ignores - (681e621) - Abhishek Singh Rajput
  • (deps) #106 bump dependencies and use trivy.yaml to fix security vulnerability - (151aa7c) - abhisheksr01
  • (deps) update dependabot config - (81ae1a1) - abhisheksr01
  • (deps) bump spring dependencies - (6a3a4bd) - abhisheksr01
  • (deps) bump dev and test dependencies - (3fdcad9) - @abhisheksr01
  • (deps) bump org.owasp.dependencycheck from 9.0.9 to 11.1.1 - (0c81acf) - dependabot[bot]
  • (deps) bump org.junit.vintage:junit-vintage-engine - (56dc9f3) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.2.1 to 3.2.2 - (2363809) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 9.0.8 to 9.0.9 - (326fefc) - dependabot[bot]
  • (deps) bump info.solidsoft.pitest from 1.9.11 to 1.15.0 - (ac3c292) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.1.3 to 3.1.4 - (a880c23) - dependabot[bot]
  • (deps) bump org.projectlombok:lombok from 1.18.28 to 1.18.30 - (d0c527f) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.13.0 to 7.14.0 - (b275fdf) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock from 3.0.0 to 3.0.1 - (a30c154) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (b10554f) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.1.2 to 3.1.3 - (1e62a2c) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 8.3.1 to 8.4.0 - (46beb79) - dependabot[bot]
  • (deps) bump io.spring.dependency-management from 1.1.2 to 1.1.3 - (3508a9a) - dependabot[bot]
  • (deps) bump org.springdoc:springdoc-openapi-starter-webmvc-ui - (df0c3e0) - dependabot[bot]
  • (deps) bump org.junit.vintage:junit-vintage-engine - (c2ca93b) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.1.1 to 3.1.2 - (29e1eea) - dependabot[bot]
  • (deps) bump io.spring.dependency-management from 1.1.0 to 1.1.2 - (9ffb214) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.12.1 to 7.13.0 - (f4c0a6b) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.1.0 to 3.1.1 - (9ba9443) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 8.2.1 to 8.3.1 - (b61b54e) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (0de89cc) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (ca37b20) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.12.0 to 7.12.1 - (9af8a5f) - dependabot[bot]
  • (deps) bump org.projectlombok:lombok from 1.18.26 to 1.18.28 - (252c4dd) - dependabot[bot]
  • (deps) bump org.pitest:pitest-junit5-plugin from 1.1.2 to 1.2.0 - (c25c81f) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.0.7 to 3.1.0 - (e9feb5f) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.0.6 to 3.0.7 - (d9c554c) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.11.2 to 7.12.0 - (36c95e8) - dependabot[bot]
  • (deps) bump org.junit.vintage:junit-vintage-engine - (97c905c) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (f534e51) - dependabot[bot]
  • (deps) bump mapstructVersion from 1.5.3.Final to 1.5.5.Final - (7536e46) - dependabot[bot]
  • (deps) bump org.springframework.boot from 3.0.5 to 3.0.6 - (1f7c5ff) - dependabot[bot]
  • (deps) bump org.springdoc:springdoc-openapi-starter-webmvc-ui - (19fab5c) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (f0a613f) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (390df66) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.11.1 to 7.11.2 - (7441b91) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 8.1.2 to 8.2.1 - (6e03f23) - dependabot[bot]
  • (deps) bump com.github.tomakehurst:wiremock - (87cfa89) - dependabot[bot]
  • (deps) bump info.solidsoft.pitest from 1.9.0 to 1.9.11 - (7ca3e7e) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.3.0 to 7.3.2 - (7b87dfe) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.8.1 to 7.9.0 - (ee7f263) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.7.4 to 2.7.5 - (6dd0b3a) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.2.1 to 7.3.0 - (f407f31) - dependabot[bot]
  • (deps) bump io.spring.dependency-management - (68b5f79) - dependabot[bot]
  • (deps) bump mapstructVersion from 1.5.2.Final to 1.5.3.Final - (701f370) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.8.0 to 7.8.1 - (e9830e1) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.7.3 to 2.7.4 - (d7367e8) - dependabot[bot]
  • (deps) bump io.spring.dependency-management - (5a2de24) - dependabot[bot]
  • (deps) bump junit-vintage-engine from 5.9.0 to 5.9.1 - (22bb7d4) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.2.0 to 7.2.1 - (8400a1c) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.1.2 to 7.2.0 - (0261533) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.7.0 to 7.8.0 - (c06ac12) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.6.0 to 7.7.0 - (e1d3375) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.1.1 to 7.1.2 - (9d152ef) - dependabot[bot]
  • (deps) bump info.solidsoft.pitest from 1.7.4 to 1.9.0 - (6c599c1) - dependabot[bot]
  • (deps) bump io.spring.dependency-management - (2aeb7ef) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.7.2 to 2.7.3 - (718d288) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.4.1 to 7.6.0 - (1c970d8) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.7.1 to 2.7.2 - (bdddd6d) - dependabot[bot]
  • (deps) bump io.spring.dependency-management - (6056979) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.3.4 to 7.4.1 (#158) - (9a3620f) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.7.0 to 2.7.1 - (0fa1481) - dependabot[bot]
  • (deps) bump mapstructVersion from 1.4.2.Final to 1.5.2.Final - (6ab2089) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.1.0.1 to 7.1.1 - (497b1ad) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.3.3 to 7.3.4 - (0d915ae) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.3.2 to 7.3.3 - (07a80e8) - dependabot[bot]
  • (deps) bump org.owasp.dependencycheck from 7.0.4.1 to 7.1.0.1 - (7ebfd4c) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.3.1 to 7.3.2 - (daced2c) - dependabot[bot]
  • (deps) bump ioCucumberVersion from 7.2.3 to 7.3.1 - (5b4ff7c) - dependabot[bot]
  • (deps) bump org.springframework.boot from 2.6.6 to 2.6.7 - (3c24d10) - dependabot[bot]
  • (deps) bump lombok from 1.18.22 to 1.18.24 (#138) - (d8a21f0) - Abhishek Singh Rajput
  • (deps) bump ioCucumberVersion from 6.2.0 to 6.4.0 (#27) - (ce63b58) - dependabot-preview[bot]
  • (deps) bump ioCucumberVersion from 6.1.0 to 6.1.2 (#19) - (d746a43) - dependabot-preview[bot]
  • (deps) bump ioCucumberVersion from 5.0.0-RC4 to 6.1.0 (#11) - (1b11c7a) - dependabot-preview[bot]
  • (deps) bump org.springframework.boot from 2.3.0.RELEASE to 2.3.1.RELEASE (#12) - (7911fd0) - dependabot-preview[bot]
  • (deps) bump lombok from 1.18.8 to 1.18.12 - (f6be195) - dependabot-preview[bot]
  • (deps) bump io.spring.dependency-management - (672f5ce) - dependabot-preview[bot]
  • (deps) bump pitest-junit5-plugin from 0.10 to 0.12 - (26e90d0) - dependabot-preview[bot]
  • (gradle-wrapper.jar) add gradle wrapper jar - (45a2c4d) - abhisheksr01
  • (gradlew) bump version to 7.0.2 - (aaa58e1) - abhisheksr01
  • (jenkinsfile) update git url & add dependency vulnerability stage - (aa0267f) - abhisheksr01
  • (pipeline.yml) concourse update the docker task path - (f91a5b2) - abhisheksr01
  • (scripts) extract the log prettifiers into utils.sh - (26b39a2) - abhisheksr01
  • bump depenencycheck,springdoc,pitest,junitvintage dependencies - (486c753) - abhisheksr01
  • bump springboot,gradlew, cucumber and wiremock dependencies - (b4786f7) - abhisheksr01
  • update bad request test - (37eff98) - abhisheksr01
  • bump dependencies - (d2cfdbb) - abhisheksr01
  • bump gradlew & springboot version - (1d0bd54) - abhisheksr01
  • remove trivy installation in shell script & use abhisheksr01/eks-helm image in circleci - (cfb1e4d) - abhisheksr01
  • Add name attribute to health check job in workflow - (72afed0) - abhisheksr01