artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 14:46:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,515 Commits 64 Branches 3 Tags 68 MiB
93d7fcacd7
Commit Graph

14515 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marko Milić
93d7fcacd7 feature/Add openjdk version "17.0.11" at docker 
openjdk version "17.0.11" 2024-04-16
OpenJDK Runtime Environment Temurin-17.0.11+9 (build 17.0.11+9)
OpenJDK 64-Bit Server VM Temurin-17.0.11+9 (build 17.0.11+9, mixed mode, sharing)
 2025-11-27 16:58:37 +01:00
Marko Milić
141f2d666f feature/Move docker to the development folder 2 2025-11-27 16:37:16 +01:00
Marko Milić
72dca46865 feature/Move docker to the development folder 2025-11-27 15:42:03 +01:00
Marko Milić
194d1cc7e8 feature/Copying recursively might inadvertently add sensitive data to the container. 
SonarQube security warning by:

## Summary of Changes

### 1. **Selective File Copying in Dockerfile**
Instead of using `COPY . .` which copies everything recursively, I've updated the Dockerfile to explicitly copy only the necessary files and directories:

- **Maven configuration**: `pom.xml`, `build.sbt`
- **Source code directories**: `obp-api/`, `obp-commons/`, `project/`
- **Required build files**: `jitpack.yml`, `web-app_2_3.dtd`

### 2. **Enhanced .dockerignore**
I've significantly expanded the `.dockerignore` file to exclude:

- **IDE files**: `.idea/`, `.vscode/`, `.metals/`, etc.
- **Build artifacts**: `target/`, `cache/`, Maven local repository
- **Sensitive files**: Environment files, keys, certificates, passwords
- **OS files**: `.DS_Store`, thumbnails, etc.
- **Documentation**: Most markdown files (keeping license files)
- **Development files**: `ideas/`, `resourcedoc/`

## Security Benefits

1. **Reduced attack surface**: Only necessary files are included in the Docker image
2. **No accidental secrets**: Explicit exclusion of common sensitive file patterns
3. **Smaller image size**: Excluding unnecessary files reduces image size
4. **Better maintainability**: Clear understanding of what goes into the container

## Build Compatibility

The changes maintain full Maven build compatibility by ensuring all necessary files for the build process are still copied:
- Maven POM files for dependency management
- Source code directories
- Build configuration files
- The entrypoint script (specifically allowed in .dockerignore)

This approach follows Docker security best practices and addresses the SonarQube warning while maintaining the functionality of your build process.
 2025-11-27 14:21:54 +01:00
Simon Redfern
80cf296387
Merge pull request #2635 from hongwei1/develop 
test/fixed
 2025-11-27 12:40:08 +01:00
hongwei
532c37cf28 Refactor /Group management: Introduce GroupTrait and MappedGroupProvider, replacing MappedGroup. Enhance group creation, retrieval, updating, and deletion methods with improved type handling and error management. 2025-11-27 12:31:04 +01:00
hongwei
0183ea9edd Merge remote-tracking branch 'Marko/develop' into develop-Simon 2025-11-27 12:22:09 +01:00
simonredfern
e4353fcd4d changing Error Code for ExcludeParametersNotSupported to "OBP-30146" 2025-11-27 12:12:16 +01:00
simonredfern
fbc36c49bf changing OBP number for InvalidSystemViewFormat to OBP-20039 2025-11-27 12:08:51 +01:00
Marko Milić
d4e0f6aef3 Merge remote-tracking branch 'upstream/develop' into develop 2025-11-27 09:16:21 +01:00
simonredfern
81ee35aae8 Change devops path to system in v5.1.0 and v6.0.0 2025-11-26 23:58:12 +01:00
simonredfern
f09dba09a7 fixing duplicate root v6.0.0 2025-11-26 23:26:57 +01:00
simonredfern
9b5523215d docfix: added v6.0.0 /root 2025-11-26 22:59:37 +01:00
simonredfern
bcf6dc6726 group table name 2025-11-26 21:54:57 +01:00
simonredfern
c24a0bf74e Feature: Adding Groups 2025-11-26 21:23:49 +01:00
simonredfern
0dbad9c2e8 docfix: metrics exclude params disabled. include_ params are optional. 2025-11-26 19:27:07 +01:00
simonredfern
b0e11905b3 Disable exclude app names on metrics queries v6.0.0 2025-11-26 19:23:53 +01:00
simonredfern
d3314bf310 Refactor: http_status_code param 2025-11-26 14:53:27 +01:00
simonredfern
0a91cc04f7 Feature: Support http_code parameter in get metrics 2025-11-26 14:31:11 +01:00
Marko Milić
dc5cd7ca42 docfix/Glossary Item for Keycloak 2025-11-26 14:05:41 +01:00
Simon Redfern
d60f177e27
Merge pull request #2634 from constantine2nd/develop 
Log Cache pagination
 2025-11-26 13:57:00 +01:00
Marko Milić
2809a279bc feature/Log Cache pagination 2025-11-25 16:59:26 +01:00
simonredfern
47c831a1f9 feature: Validate User Email via endpoint. 2025-11-24 18:00:59 +01:00
simonredfern
32ae788f6d Merge branch 'develop' of github.com:OpenBankProject/OBP-API into develop 2025-11-24 17:36:42 +01:00
simonredfern
e987554044 feature: added /users/email-validation so the new Portal can call it. 2025-11-24 17:36:22 +01:00
Simon Redfern
f877fc4cc8
Merge pull request #2633 from hongwei1/develop 
refactor/Update dynamic URL generation for resource documentation to …
 2025-11-24 17:25:43 +01:00
simonredfern
33392ac77e Migration documentation + test 2025-11-24 17:11:58 +01:00
simonredfern
a5c942b564 docfix: use_cases.md 2025-11-24 17:11:31 +01:00
simonredfern
8dc952c99d Resource User user_id unique index 2025-11-24 17:10:03 +01:00
hongwei
dc385fa3e0 refactor/Update dynamic URL generation for resource documentation to differentiate between dynamic entity and endpoint 2025-11-24 14:56:42 +01:00
simonredfern
f57e422e2d connector name caching 2025-11-24 12:58:47 +01:00
simonredfern
91b31f1559 docfix: list of tags in CRUD endpoints for Dynamic Entities 2025-11-24 12:17:43 +01:00
simonredfern
2a69ee5ae1 added caching for /devops/connector-method-names 2025-11-24 01:10:06 +01:00
simonredfern
ac3b585628 Adding endpoint /devops/connector-method-names to version 6.0.0 2025-11-24 01:08:09 +01:00
simonredfern
6cb4652bb8 caching get providers 2025-11-23 18:03:27 +01:00
simonredfern
afb20017e5 path tweaks for devops 2025-11-23 17:01:28 +01:00
simonredfern
8bc4a9d1f4 recent_operation_ids distinct 2025-11-23 16:46:43 +01:00
simonredfern
de8018b770 feature: v6.0.0 getUser has more data 2025-11-23 16:28:58 +01:00
simonredfern
7d59c8e388 Adding index for user_id uniquemess. Adding dev-ops/migrations endpoint. 2025-11-23 16:07:05 +01:00
simonredfern
0b3e3caa75 Copied /aggregate-metrics to v6.0.0, duration now used as a minimum not 
exact.
 2025-11-23 03:22:01 +01:00
simonredfern
4a6487cc12 metrics date logging / props parsing 2025-11-23 01:39:48 +01:00
simonredfern
4e5c5a5db8 adding v6.0.0 of getMetrics which sets default from_date 2025-11-22 22:14:54 +01:00
simonredfern
e1d10e957a using consumer_id UUID in metrics instead of primary key 2025-11-22 21:48:33 +01:00
simonredfern
d7eba5972f other metrics endpoints using smart caching 2025-11-22 20:48:18 +01:00
simonredfern
c25a4c03ff docfix: getMetrics examples using correct date format 2025-11-22 20:41:08 +01:00
simonredfern
2f47e61ec5 optimisation: getMetrics uses two cache TTLs one for recent queries and 
another one for stale queries
 2025-11-22 20:34:41 +01:00
simonredfern
d87b7b9713 Merge branch 'develop' of github.com:OpenBankProject/OBP-API into develop 2025-11-22 18:16:48 +01:00
simonredfern
5f091f3dfd cachefix Metrics days -> seconds 2025-11-22 18:15:29 +01:00
Simon Redfern
63bb0e348d
Merge pull request #2632 from hongwei1/develop 
refactor/ Enhanced logging for consent validation, including warnings…
 2025-11-21 16:41:09 +01:00
hongwei
7f9c1e94c6 refactor/ Enhanced logging for consent validation, including warnings for empty consumer validation method. 2025-11-21 16:39:36 +01:00