Merged
Changes from 6 commits
1 change: 1 addition & 0 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@ workflows:
branches:
only:
- develop
- pm-2539

# Production builds are exectuted only on tagged commits to the
# master branch.
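Review bot: the new `- pm-2539` entry under `branches: only:` adds a ticket-named feature branch to the workflow's branch filter next to `develop`; this reads as a temporary hook to get CI running on this PR's branch and should be removed before merge (or the filter widened to a pattern), otherwise one-off branch names accumulate in the config. Unrelated to the change itself, the context comment two lines below has a typo: `exectuted` should be `executed`.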
11 changes: 8 additions & 3 deletions .env.sample
Expand Up @@ -143,6 +143,11 @@ SERVICEACC02_CID="devadmin1"
SERVICEACC02_SECRET="devadmin1"
SERVICEACC02_UID="100000027"

# Note: Registration default password is no longer configurable; for social/SSO
# registrations without a provided password, a unique 16-character random
# password is generated at registration time.
# Note: Registration default password is no longer configurable; for social/SSO
# registrations without a provided password, a unique 16-character random
# password is generated at registration time.


# Prisma configuration

IDENTITY_SERVICE_PRISMA_TIMEOUT=10000
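Review bot: the three-line note beginning `# Note: Registration default password is no longer configurable` appears twice back-to-back in this hunk; if both copies are additions, drop one. The note also says a setting was removed without naming the variable it replaces, so anyone still carrying the old key in a local `.env` cannot tell that it is now ignored; name the retired variable in the note. The hunk also leaves two consecutive blank lines before `# Prisma configuration`; one is enough.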

[💡 style]
Consider adding a newline at the end of the file to adhere to POSIX standards, which can help prevent issues with certain tools and version control systems.

34 changes: 34 additions & 0 deletions .github/workflows/trivy.yaml
@@ -0,0 +1,34 @@
name: Trivy Scanner

permissions:
contents: read
security-events: write
on:
push:
branches:
- main
- dev
pull_request:
jobs:
trivy-scan:
name: Use Trivy
runs-on: ubuntu-24.04

[⚠️ maintainability]
Consider using a stable version of ubuntu-latest instead of ubuntu-24.04 to ensure compatibility and reduce maintenance overhead when new Ubuntu versions are released.

steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Run Trivy scanner in repo mode
uses: aquasecurity/trivy-action@0.33.1

[⚠️ maintainability]
Ensure that the version 0.33.1 of aquasecurity/trivy-action is the intended version and not a placeholder. Locking to a specific version can help avoid unexpected changes, but it also requires regular updates to benefit from new features and security patches.

with:
scan-type: "fs"
ignore-unfixed: true
format: "sarif"
output: "trivy-results.sarif"
severity: "CRITICAL,HIGH,UNKNOWN"
scanners: vuln,secret,misconfig,license
github-pat: ${{ secrets.GITHUB_TOKEN }}

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3

[⚠️ maintainability]
Verify that github/codeql-action/upload-sarif@v3 is the correct and intended version. Using a specific major version can provide stability, but ensure it aligns with your update and security policies.

with:
sarif_file: "trivy-results.sarif"
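Review bot: the `push` trigger lists `main` and `dev`, but the CircleCI config in this same PR filters on `develop` and its comment refers to the `master` branch, so unless branches named `main` and `dev` actually exist this workflow will only ever run on `pull_request` events; align the branch names with the ones CircleCI uses. Two further points: no `exit-code` is set, so findings land in the Security tab but never fail the job (fine if intended, but worth a comment in the workflow), and `pull_request` runs from forks get a read-only `GITHUB_TOKEN`, so the `upload-sarif` step, which needs the `security-events: write` permission declared above, will fail for fork PRs unless guarded. Lastly, `github-pat: ${{ secrets.GITHUB_TOKEN }}` is, as far as I know, used by trivy-action only for Dependency Graph submission rather than SARIF output; drop it unless it is needed for something else.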