lingwei.kong/hawkbit
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
3,750 Commits 1 Branch 0 Tags
222ca5c826cb5a01e2620373bcc4cdeeefdbddec
Commit Graph

108 Commits

Author SHA1 Message Date
Avgustin Marinov
62b1b7d730 Fix dash tool scan (#2463) 
---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-17 15:43:41 +03:00
Avgustin Marinov
0f9997372c Fix release forkflow (#2461) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 19:27:01 +03:00
Avgustin Marinov
ebab954cea Update release.yml 2025-06-16 18:22:02 +03:00
Avgustin Marinov
b3cb38c0bd Fix tagging on release workflow (#2460) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 18:12:51 +03:00
Avgustin Marinov
9f0f25aa7c Create tag.yaml (#2459) 2025-06-16 18:05:48 +03:00
Avgustin Marinov
66cc3aa418 Fix worklows (#2458) 
---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 17:22:21 +03:00
Avgustin Marinov
4ead1b1e98 Fix Dash tool integration (#2455) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 15:36:21 +03:00
Avgustin Marinov
4c93647921 Fix dash integration (#2454) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 15:31:14 +03:00
Avgustin Marinov
371c726e06 Add license-scan workflow (#2453) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 15:17:10 +03:00
Avgustin Marinov
044963f84c Implement release as github action (#2452) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-06-16 14:43:17 +03:00
Denislav Prinov
23154d70cc Audit Logging in HawkBit (#2314) 
* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduction of Audit Logging in hawkBit

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Refactoring:

* applied code formatter
* audit moved into hawkbit-security-core
* minimize dependences
* use AuditorAware to retrieve user - so to be compatible with the logs into DB

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

* Move audit entities to security core

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

* Introduce audit log method types

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>

---------

Signed-off-by: Denislav Prinov <denislav.prinov@bosch.com>
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Co-authored-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-03-31 08:51:54 +03:00
Avgustin Marinov
70949769de Migrate to jdk 21 (#2295) 
* docker containers using images with jre 21
* project is still building with target java 17 - so jar artifacts are java 17 compatible
* provided option to have different version for client libraries (e.g. ddi and management REST api)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-03-27 09:28:28 +02:00
Stanislav Trailov
724341e1ce Update trivy-scan.yml with correct docker build sh file 2025-02-28 15:35:14 +02:00
Avgustin Marinov
009e4a73ef Add caching for maven build actions (#2300) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-02-24 14:50:24 +02:00
Avgustin Marinov
e608996e43 Create dependabot.yml 2025-01-23 17:43:33 +02:00
Avgustin Marinov
0ca10be0b1 Add all docker images to trivy scan (#2188) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 15:10:12 +02:00
Avgustin Marinov
07153ee15d Try to add security-events: write to trivy scan (#2187) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 14:52:39 +02:00
Avgustin Marinov
dc33056ccd Enable trivy debug (#2186) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 14:30:44 +02:00
Avgustin Marinov
2d1f31dbac Fix Trivy (#2185) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 14:19:31 +02:00
Avgustin Marinov
15be89cf7c Fix trivy 6 (#2184) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 14:13:53 +02:00
Avgustin Marinov
d5c0dffa71 Fix Trivy 5 (#2183) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 14:04:00 +02:00
Avgustin Marinov
2876136a07 Try Trivy Fix (#2182) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 13:55:45 +02:00
Avgustin Marinov
0393a4a389 Try to fix trivy with permissions (#2181) 
* fix_trivy_scan_2_rolbak_action

* Try to fix trivy with permissions

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 13:46:12 +02:00
Avgustin Marinov
e36aa8a5e7 fix_trivy_scan_2_rolbak_action (#2180) 2025-01-09 13:38:55 +02:00
Avgustin Marinov
1c88231aa7 Fix Trivy scan (#2179) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2025-01-09 13:13:20 +02:00
Avgustin Marinov
db3ac7f2dd Hibernate support (#2147) 
* Hibernate support

---------

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-12-16 16:08:07 +02:00
Avgustin Marinov
4802089388 Update trivy-scan action/checkout version (#2139) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-12-11 10:06:43 +02:00
Avgustin Marinov
ede05fe7b1 Upgrade versions of github actions (#2137) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-12-11 09:17:53 +02:00
Avgustin Marinov
ebcb6a0b29 [#1700] Remove sandbox (#2105) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-27 08:14:52 +02:00
Avgustin Marinov
3a28dab8f2 Remove verify step for md only files commits (#2092) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-21 10:39:05 +02:00
Avgustin Marinov
02355427b0 Skip verify also on PR for site only changes (#1961) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-07 11:53:55 +02:00
Avgustin Marinov
7aa53af5ae Skip verify github action on site only changes (#1960) 
Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
 2024-11-07 11:48:24 +02:00
Avgustin Marinov
d842bc2aaa Code format hawkbit (#1948) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-11-05 11:41:56 +02:00
Stanislav Trailov
68a8888ea1 remove --insecure from trivy file 2024-10-07 18:09:35 +03:00
Stanislav Trailov
a036171451 switch eclipse/hawkbit to eclipse-hawkbit/hawkbit in trivy 2024-10-07 18:02:36 +03:00
Stanislav Trailov
ce0b7dd456 update trivy file in attempt to fix trivy build 2024-10-07 17:28:53 +03:00
Avgustin Marinov
a8ef586027 Remove unused code from verify action (#1873) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 17:22:31 +03:00
Avgustin Marinov
73318246f5 Move SECURITY.md at root level (#1868) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 15:17:00 +03:00
Avgustin Marinov
858dad2a05 Fix GitHub Action badge (#1865) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 14:35:49 +03:00
Avgustin Marinov
0c9cb618ec Rename build -> verify job (#1860) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 13:13:35 +03:00
Avgustin Marinov
20ebd9ba8d Add rabbitmq for verify phase (#1855) 
* Add rabbit mq for verify phase

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 12:24:01 +03:00
Avgustin Marinov
7ca5cbe1aa Switch from eclipse/hawkbit to eclipse-hawkbit/hawkbit github (#1852) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-04 10:21:03 +03:00
Avgustin Marinov
2b1f8ea71c Add github build & verify actions (#1854) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2024-10-03 16:45:10 +03:00
Avgustin Marinov
afd9f24d71 Adds .trivyignore and use it in the scan (#1520) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2023-12-15 14:08:50 +02:00
Avgustin Marinov
be7a678826 Update trivy-scan.yml (2) 2023-12-10 15:52:47 +02:00
Avgustin Marinov
61a1d58e4d Update trivy-scan.yml 2023-12-10 15:42:15 +02:00
Avgustin Marinov
38044c17a6 Fix trivy-scan (#1508) 2023-12-10 15:26:50 +02:00
Avgustin Marinov
06f8535386 Fixed some CI flows & checks (#1405) 
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
 2023-08-02 11:51:56 +03:00
Michael Herdt
17bf633df9 Scan only latest image. Do only scan library vulnerabilities. (#1339) 2023-03-28 16:24:54 +02:00
Michael Herdt
6f854afdae Introduce GitHub action to execute vulnerability scan using Trivy (#1333) 
* Introduce docker maven plugin for hawkbit update server
* Introduce GitHub action to execute vulnerability scan using trivy
 2023-03-28 07:42:04 +02:00