refactor(jans-pycloudlib): simplify classes and methods for locking #10376

Merged
merged 5 commits into from
Dec 11, 2024

iromli commented Dec 9, 2024

Prepare


Description

Target issue

closes #10375

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

iromli requested a review from moabu as a code owner December 9, 2024 21:54

dryrunsecurity bot commented Dec 9, 2024

DryRun Security Summary

The pull request focuses on enhancing the security and reliability of SQL password management, lock management, and database interaction in the jans-pycloudlib project by improving password retrieval methods, refactoring lock management functionality, and removing hardcoded database connection details.

Summary:

The changes in this pull request are focused on improving the security and reliability of the SQL password management, lock management, and database interaction functionality within the jans-pycloudlib project.

The key changes include:

  1. Removal of the sync_sql_password function, which previously relied on a mounted password file, reducing the risk of exposing the SQL password.
  2. Improvements to the get_sql_password function, which now uses a more secure method to retrieve the password, further enhancing the security of SQL password management.
  3. Enhancements to the lock management functionality, including the incorporation of the LockManager class into the LockRecord class, and the addition of backoff and retry mechanisms to improve the reliability of the locking process.
  4. Refactoring of the SqlLock class, including the removal of hardcoded database connection details and improved error handling, which can have a positive impact on the overall security of the application.

These changes demonstrate a focus on improving the security and reliability of the application's core functionality, which is crucial for maintaining a secure and robust distributed system.

Files Changed:

  1. jans-pycloudlib/jans/pycloudlib/persistence/sql.py: The changes in this file are focused on improving the SQL password management functionality, including the deprecation of the sync_sql_password function and the enhancement of the get_sql_password function to use a more secure method for retrieving the password.
  2. jans-pycloudlib/jans/pycloudlib/lock/__init__.py: The changes in this file are related to the lock management functionality, including the removal of the LockManager class and the incorporation of its functionality into the LockRecord class. The changes also include the addition of backoff and retry mechanisms to improve the reliability of the locking process.
  3. jans-pycloudlib/jans/pycloudlib/manager.py: The changes in this file are focused on the Manager class, including the addition of a create_lock method and the deprecation of the lock attribute, which suggests that the lock management strategy may be changing in the future.
  4. jans-pycloudlib/jans/pycloudlib/lock/sql_lock.py: The changes in this file are a refactoring of the SqlLock class, including the removal of hardcoded database connection details and improved error handling, which can have a positive impact on the overall security of the application.

Code Analysis

We ran 9 analyzers against 4 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

mo-auto added the comp-jans-pycloudlib and kind-enhancement (Issue or PR is an enhancement to an existing functionality) labels Dec 9, 2024
iromli self-assigned this Dec 9, 2024

sonarqubecloud bot commented Dec 9, 2024

moabu merged commit 39e74a1 into main Dec 11, 2024
12 checks passed
moabu deleted the cn-refactor-lock branch December 11, 2024 12:24
ossdhaval pushed a commit that referenced this pull request Dec 27, 2024
…10376)

* refactor(jans-pycloudlib): simplify classes and methods for locking

Signed-off-by: iromli <[email protected]>

* refactor(jans-pycloudlib): remove dead code

* refactor(jans-pycloudlib): deprecate sync_sql_password in favor of get_sql_password

---------

Signed-off-by: iromli <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>