Skip to content

Commit d8e6d88

Browse files
committed
Merge branch 'dev' of https://github.com/MaibornWolff/SecObserve into stackable
2 parents 621ef88 + 6ce6c28 commit d8e6d88

File tree

75 files changed

+1414
-1072
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

75 files changed

+1414
-1072
lines changed

.github/workflows/build_push_dev.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
-
4343
name: Build and push backend
4444
id: build-and-push-backend
45-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
45+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
4646
with:
4747
context: .
4848
file: ./docker/backend/prod/django/Dockerfile
@@ -89,7 +89,7 @@ jobs:
8989
-
9090
name: Build and push frontend
9191
id: build-and-push-frontend
92-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
92+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
9393
with:
9494
context: .
9595
file: ./docker/frontend/prod/Dockerfile

.github/workflows/build_push_release.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
4343
-
4444
name: Build and push backend
45-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
45+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
4646
with:
4747
context: .
4848
file: ./docker/backend/prod/django/Dockerfile
@@ -87,7 +87,7 @@ jobs:
8787
run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
8888
-
8989
name: Build and push frontend
90-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
90+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
9191
with:
9292
context: .
9393
file: ./docker/frontend/prod/Dockerfile

.github/workflows/release_helm_chart.yaml

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,20 @@
11
name: Publish released chart
22

33
on:
4+
workflow_dispatch:
45
push:
56
branches:
67
- main
78
paths:
89
- charts/**
910

11+
permissions: read-all
12+
1013
jobs:
1114
release:
1215
runs-on: ubuntu-latest
1316
permissions:
14-
contents: write
17+
contents: read
1518
packages: write
1619

1720
steps:
@@ -25,10 +28,12 @@ jobs:
2528
git config user.name "${{ github.actor }}"
2629
git config user.email "${{ github.actor}}@users.noreply.github.com"
2730
31+
- name: downcase repo owner for image
32+
run: echo "REPO_OWNER=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
2833
- name: Run chart-releaser
29-
uses: bitdeps/helm-oci-charts-releaser@v0.1.5
34+
uses: bitdeps/helm-oci-charts-releaser@caedceea2a5ab997c7e5469a999811dbb3d5b070 # v0.1.5
3035
with:
31-
oci_registry: ghcr.io/${{ github.repository_owner }}/charts
36+
oci_registry: ghcr.io/${{ env.REPO_OWNER }}/charts
3237
oci_username: ${{ github.actor}}
3338
oci_password: ${{ secrets.GITHUB_TOKEN }}
3439
github_token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,6 @@ jobs:
6767

6868
# Upload the results to GitHub's code scanning dashboard.
6969
- name: "Upload to code-scanning"
70-
uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
70+
uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2
7171
with:
7272
sarif_file: results.sarif

backend/application/__init__.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
__version__ = "1.47.2"
1+
__version__ = "1.48.0"
22

33
import pymysql
44

backend/application/core/api/views.py

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -153,7 +153,6 @@
153153
from application.core.services.security_gate import check_security_gate
154154
from application.core.types import Assessment_Status, Status
155155
from application.issue_tracker.services.issue_tracker import (
156-
push_deleted_observation_to_issue_tracker,
157156
push_observations_to_issue_tracker,
158157
)
159158
from application.licenses.api.serializers import LicenseComponentBulkDeleteSerializer
@@ -558,13 +557,13 @@ def filter_queryset(self, queryset: QuerySet) -> QuerySet:
558557

559558
def perform_destroy(self, instance: Observation) -> None:
560559
product = instance.product
561-
issue_id = instance.issue_tracker_issue_id
560+
562561
super().perform_destroy(instance)
563562
if (instance.branch and instance.branch.is_default_branch) or (
564563
not instance.branch and not instance.product.repository_default_branch
565564
):
566565
check_security_gate(product)
567-
push_deleted_observation_to_issue_tracker(product, issue_id, get_current_user())
566+
568567
product.last_observation_change = timezone.now()
569568
product.save()
570569

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# Generated by Django 5.2.11 on 2026-02-04 18:26
2+
3+
from django.db import migrations, models
4+
5+
6+
class Migration(migrations.Migration):
7+
8+
dependencies = [
9+
("core", "0075_observation_initialize_fix_and_upgrade"),
10+
]
11+
12+
operations = [
13+
migrations.AlterField(
14+
model_name="product",
15+
name="notification_ms_teams_webhook",
16+
field=models.TextField(blank=True, max_length=2048),
17+
),
18+
migrations.AlterField(
19+
model_name="product",
20+
name="notification_slack_webhook",
21+
field=models.TextField(blank=True, max_length=2048),
22+
),
23+
]

backend/application/core/models.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,8 +83,8 @@ class Product(Model, DirtyFieldsMixin): # pylint: disable=too-many-instance-att
8383

8484
apply_general_rules = BooleanField(default=True)
8585

86-
notification_ms_teams_webhook = CharField(max_length=255, blank=True)
87-
notification_slack_webhook = CharField(max_length=255, blank=True)
86+
notification_ms_teams_webhook = TextField(max_length=2048, blank=True)
87+
notification_slack_webhook = TextField(max_length=2048, blank=True)
8888
notification_email_to = CharField(max_length=255, blank=True)
8989

9090
issue_tracker_active = BooleanField(default=False)

backend/application/core/services/observations_bulk_actions.py

Lines changed: 1 addition & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,6 @@
2222
)
2323
from application.core.services.security_gate import check_security_gate
2424
from application.core.types import Assessment_Status, Status
25-
from application.issue_tracker.services.issue_tracker import (
26-
push_deleted_observation_to_issue_tracker,
27-
)
2825

2926

3027
def observations_bulk_assessment( # pylint: disable=too-many-arguments
@@ -59,9 +56,6 @@ def observations_bulk_delete(product: Product, observation_ids: list[int]) -> No
5956

6057
observations.delete()
6158

62-
for issue_id in issue_ids:
63-
push_deleted_observation_to_issue_tracker(product, issue_id, get_current_user())
64-
6559
check_security_gate(product)
6660
product.last_observation_change = timezone.now()
6761
product.save()
@@ -155,7 +149,7 @@ def _check_observation_logs(product: Optional[Product], observation_log_ids: lis
155149
else:
156150
if not user_has_permission(observation_log, Permissions.Observation_Log_Approval):
157151
raise ValidationError(f"First observation log without approval permission: {observation_log.pk}")
158-
if not observation_log.assessment_status == Assessment_Status.ASSESSMENT_STATUS_NEEDS_APPROVAL:
152+
if observation_log.assessment_status != Assessment_Status.ASSESSMENT_STATUS_NEEDS_APPROVAL:
159153
raise ValidationError(f"First observation log that does not need approval: {observation_log.pk}")
160154
if get_current_user() == observation_log.user:
161155
raise ValidationError(

backend/application/core/signals.py

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,9 @@
1717
set_product_flags,
1818
)
1919
from application.core.services.security_gate import check_security_gate
20+
from application.issue_tracker.services.issue_tracker import (
21+
push_deleted_observation_to_issue_tracker,
22+
)
2023

2124
logger = logging.getLogger("secobserve.core")
2225

@@ -29,6 +32,14 @@ def observation_pre_save(sender: Any, instance: Observation, **kwargs: Any) -> N
2932
set_product_flags(instance)
3033

3134

35+
@receiver(post_delete, sender=Observation)
36+
def observation_post_delete(
37+
sender: Any, instance: Observation, **kwargs: Any # pylint: disable=unused-argument
38+
) -> None:
39+
# sender is needed according to Django documentation
40+
push_deleted_observation_to_issue_tracker(instance.product, instance.issue_tracker_issue_id, get_current_user())
41+
42+
3243
@receiver(post_delete, sender=Product)
3344
def product_post_delete(sender: Any, instance: Product, **kwargs: Any) -> None: # pylint: disable=unused-argument
3445
# sender is needed according to Django documentation

0 commit comments

Comments
 (0)