chore: Main sync (#5862)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: Prakash <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <[email protected]>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* Revert "feat: plugin creation support (#5630)" (#5778)

This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65.

* fix: unimplemented cluster cron service (#5781)

* fix: sql injection fixes (#5783)

* sql injection fixes

* query param init fix

* doc: Vulnerability Scanning Plugin doc (#5722)

* vulnerability scanning plugin doc

* summary.md added

* docs: Jira plugins doc (Validator + Updater) (#5709)

* Docs of Jira Plugins - Validator and Updater

* Added Index Links

* Additional Proofreading

* add basic auth and tls for sm (#5789)

* docs: added commands enable ingress during  helm installation (#5794)

* added commands emable ingress during  helm installation

* modified commands

* improved statement

* removed unrequired lines

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>

* Revamped + Restructured Ingress Setup Doc (#5798)

* modifying route (#5799)

Co-authored-by: Badal Kumar Prusty <[email protected]>

* fix: cron status update refactoring (#5790)

Co-authored-by: Nishant <[email protected]>

* docs: modified the anchorlink in ingress.md (#5800)

* modifying route

* modified the anchorlink

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>

* query param split (#5801)

* fix: upgraded to /argo-cd/v2 v2.9.21 (#5758)

* upgraded to /argo-cd/v2 v2.9.21

* argocd vendor files added

* sync with common-lib

* fix: Ea rbac fixes (#5813)

* app found using display or app name

* single query optimization

* display name handling for new apps

---------

Co-authored-by: kartik-579 <[email protected]>

* fix: scan list in global security page sql injection fix (#5808)

* scan list in global security page sql injection fix

* comment

* fix: app details page(#5823)

* misc: sync with common-lib changes with release candidate 18 (#5830)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: sql scripts sync (#5763)

* fix: Scan tool migration fix develop (#5773)

* scan tool active check removed

* query fix

* chore: Oss sync 2 sept 2024 oss (#5779)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: Prakash <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <[email protected]>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* Revert "feat: plugin creation support (#5630)" (#5778)

This reverts commit 4296366ae288f3a67f87e547d2b946acbcd2dd65.

* script no. fix

---------

Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>
Co-authored-by: Badal Kumar <[email protected]>
Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: kripanshdevtron <[email protected]>
Co-authored-by: kartik-579 <[email protected]>
Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>
Co-authored-by: Bhushan Nemade <[email protected]>
Co-authored-by: Pawan Mehta <[email protected]>
Co-authored-by: akshatsinha007 <[email protected]>

* chore: plugin creation oss (#5780)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

* wip: details api, get all plugin data or non

* wip: code review incorp part -1

* wip: code review incorp part -2

* wip: code review incorp part -3

* wip: remove code duplication

* wip: hardcode isExposed to true

* wip: hardcode StepType= inline

* wip: set default VariableStepIndex= 1

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* doc: Edit Deployment Chart Schema (#5735)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* doc: Redirection of old entry in gitbook.yaml (#5738)

* Edit Deployment Chart Schema

* Fixes

* PM + CO Feedback Incorporated

* Redirected Old Entry

* docs: added Documentation for Air-Gapped Installation (#5360)

* added docs for air-gapped-installation

* added all the images in 7.0.0

* modified yq command in the docs

* added an entry in summary.md

* added installation commands

* modified statements

* modified variable name

* added steps to navigation

* added the latest oss chart images

* added a note for docker

* Added Intro + Proofreading + Structuring

* Other fixes

* Lang fix

* added docs for ea-mode only

* modified lang

* Update install-devtron-in-airgapped-environment.md

Changed h3 header to fit the ToC on the RHS

* added changes

* modified changes

---------

Co-authored-by: Badal Kumar Prusty <[email protected]>
Co-authored-by: ashokdevtron <[email protected]>

* feat: Env description handling (#5744)

* env description handling added

* license handling

* misc: Main sync rc - branch update (#5753)

* added config sql script (#5681)

* feat: CVE severity categorisation and scan result listing API enhancements (#5617)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* fix: update script numbers

* fix: minor fix

* feat: casbin deny policy sql scripts (#5677)

* system controller scripts

* script additions

* sql cript update

* sql script number chnage

* feat: Config diff phase 2 oss (#5488)

* story(configDiffView) : open api spec

* story(configDiffView) : open api spec updated

* story(configDiffView) : open api spec updated for error state

* story(configDiffView) : WIP

* story(configDiffView) : WIP "some code changed"

* story(configDiffView) : support for names added

* story(configDiffView) : iota removed

* story(configDiffView) : pg no rows handled

* story(configDiffView) : spelling check

* story(configDiffView) : code review comment resolved

* story(configDiffView) : env id added

* story(configDiffView) : intersection added

* story(configDiffView) : comments removed

* story(configDiffView) : code review comment resolved

* story(configDiffView) : comment removed

* story(configDiffView) : CMCSNames DTO moved

* story(configDiffView) : null case handled

* story(configDiffView) : logger added

* story(configDiffView) : code refactored

* story(configDiffView) : code refactored v2

* story(configDiffView) : spec updated

* story(configDiffView) : code refactored

* story(configDiffView) : config names

* main sync

* overridden and global flag introduced in config diff autocomplete api

* ent sync

* get config data in resthandler

* new api for showing all config data in config/data :- Service func -> GetAllConfigData

* using a single key instead of global and overridden key in config/autocomplete api

* ConfigState made string instead of int

* not sending inheriting in case base config

* code review comment incorporation

* ent sync

* code review comment incorp -1

* code review comment incorp -2

* code review comment incorp -3

* small fix in plugin

* migration number changes (#5692)

* main sync

* minor fix

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* scipt number change

---------

Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>

* fix: Helm apps entries in Ea mode (#5652)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* executed make after merging with develop branch

* feat: refactoring deployment app name usage (#5702)

* removing hard coded deployment app name

* removing %s-%s usage

* wip: query change for enterprise

* wip

* wip

* wip

* adding release mode in deployment config

* wip: release changes

* left join on pco and artifact

* handling empty release mode - backward compatibility

* fixing panic

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* migration updated

* main merge and migration script updated

* wip

* review changes

* fix sql no

---------

Co-authored-by: Prakash <[email protected]>

* migration syn with ent (#5719)

* fix: group image vulnerabilities by base/os image (#5680)

* feat: add support for app and env sorting in scan list api and add medium, high and unknown severity support

* fix: query fix for appName sort or envName sort

* fix: sql script number change

* fix: minor changes

* fix: review fix

* fix: remove dml on cve_store and handle it in code handling this versioning

* fix: review comments

* feat: storing target,class and type values in imageScanExecutionResults

* feat: add sql script

* feat: add sql script

* fix: add new columns

* fix: update script numbers

* fix: correct down script

* fix: minor fix

* chore: script number update

* fix: remove sql script (#5727)

* Revert "fix: Helm apps entries in Ea mode (#5652)" (#5733)

This reverts commit f1aa1fca0624af32de5e620ceba4548488a07127.

* chore: custom argo-workflow dependency (#5731)

* bumped github.com/argoproj/argo-workflows/v3 v3.5.10 => github.com/devtron-labs/argo-workflows/v3 v3.5.10

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

* reverted main branch changes

* reverted main branch changes

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* chore: fix go.sum file (#5734)

* misc: Main sync develop (#5737)

* migration number changes (#5692)

* refrain from checkin autoscalingCheckBeforeTrigger for virt clus (#5696)

* fix: Decode secret fix on add update oss (#5695)

* ValidateEncodedDataByDecoding in case add or update secret

* wire fix from main

* minor refactor

* comment

* saving pco concurrency case handled (#5688)

* fix: script for pipelineStageStepVariable, making input value and default_value text from varchar255 (#5701)

* script for pipelineStageStepVariable, making input value and default_value text from varchar255

* erro log fix

* fix: ea fixes for helm app (#5708)

* added the ea apps entry app table

* resolved the ea mode multiple rows error during configuration of app

* modified the ea dockerfile in ca-certificates cmd

* uncommented the code and left the ea helm app making way untouched

* remodified the dockerfile as previous state

* modified the docker file ea mode

* dockerfile exit code 100 due to ap install alternative in ea mode dockerfile

* execute make after main merge

* modified changes in dockerfile ea mode

* resolved comments after first level review

* Revert "fix: ea fixes for helm app (#5708)" (#5713)

This reverts commit 3e31f49f95d373f92b13afbe1806606ac4a39d85.

* fix: SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation (#5712)

* SkipCiBuildCachePushPull code incorporated with minor refac in handle runtime params validation

* minor refactor

* minor refactor

* migration syn with ent (#5718)

---------

Co-authored-by: Prakash <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>

* fix: Validate config cm cs (#5750)

* validateConfigRequest before CMGlobalAddUpdate and CSGlobalAddUpdate

* checkIfConfigDataAlreadyExist

---------

Co-authored-by: ayu-devtron <[email protected]>
Co-authored-by: Vikram Singh <[email protected]>
Co-authored-by: Gireesh Naidu <[email protected]>
Co-authored-by: Shivam Nagar <[email protected]>
Co-authored-by: Prakash <[email protected]>
Co-authored-by: adi6859 <[email protected]>
Co-authored-by: Rajeev Ranjan <[email protected]>
Co-authored-by: iamayushm <[email protected]>
Co-authored-by: prakhar katiyar <[email protected]>
Co-authored-by: Asutosh Das <[email protected]>
Co-authored-by: Vikram <[email protected]>
Co-authored-by: Prakarsh <[email protected]>

* doc: Update prerequisites of code-scan (#5625)

* Update prerequisites of code-scan

* Hyperlinked the Vulnerability scanning doc

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: ci patch rbac for branch update (#5759)

* feat: Added basic auth support for servicemonitor (#5761)

* Added support for basic auth in servicemonitor

* Added support for namespace selector and custom matchLabels

* Fixed indentations

* fix: Bitnami chart repo tls issue (#5740)

* bitnami_chart_fix

* Rename 278_bitnami_chart_fix.down.sql to 282_bitnami_chart_fix.down.sql

* Rename 278_bitnami_chart_fix.up.sql to 282_bitnami_chart_fix.up.sql

---------

Co-authored-by: Pawan Mehta <[email protected]>

* doc: Cosign plugin doc (#5665)

* doc for cosign plugin

* edits in task name

* updates in intro and other fixes.

* Attached link to Cosign GitHub repo

* Hyperlink fixes

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: check rbac on env if envName is present (#5765)

* admin check fix in config draft

* minor fix

* doc: CraneCopy plugin doc (#5658)

* doc for

* edits in task name

* spelling correction

* Updated password

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron CD Trigger Plugin doc  (#5747)

* devtron-cd-trigger plugin doc

* minor update

* Proofreading done

* Update devtron-cd-trigger.md

* Removed unwanted phrase

* Changed wording

* Changed plurality

* Updated devtron token

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: DockerSlim plugin doc (#5660)

* doc for DockerSlim plugin

* Updated Docker-Slim to DockerSlim

* Minor fixes

* url update

* Fixes in url

---------

Co-authored-by: ashokdevtron <[email protected]>

* doc: Devtron Job Trigger Plugin doc (#5742)

* devtron-job-trigger plugin doc

* summary updated

* Updated input variable description

* token value updated

---------

Co-authored-by: ashokdevtron <[email protected]>

* fix: scan tool active check removed (#5771)

* scan tool active check removed

* query fix

* feat: Docker pull env driven (#5767)

* useDockerApiToGetDigest menv driven flag to control pulling image either using docker pull or docker API

* UseAppDockerConfigForPrivateRegistries in workflow request

* revert

* revert

* fix: panic handlings and argocd app delete stuck in partial stage (#5770)

* fix: panic handlings

* fix: false positive matrics on gitOps failures

* fix: for GetConfigForHelmApps err: pg no row

* feat: plugin creation support (#5630)

* wip: new plugin creation api and min plugin api with only shared plugin list

* wip: create new plugin version code

* wip:plugin type SHARED by default

* wip:find plugin either by identifier or by id while creating a new version of existing plugin

* wip: create new plugin tag logic improved

* wip: optimize GetAllFilteredPluginParentMetadata query

* wip: create plugin tag new flow

* wip: minor fix

* wip: minor fix

* wip: minor fix

* wip: newTagsPresent -> areNewTagsPresent

* wip: icon is not  mandatory code incorporated

* wip:minor refactoring

* wip: prevent duplicate version from being created and save tags relation only when

* wip: minor fix

*…

Author: 21 people

api/auth/user/UserRestHandler.go

@@ -111,10 +111,14 @@ const (
 type PolicyType int
 
 const (
-	POLICY_DIRECT       PolicyType = 1
-	POLICY_GROUP        PolicyType = 1
-	SUPERADMIN                     = "role:super-admin___"
-	USER_TYPE_API_TOKEN            = "apiToken"
+	POLICY_DIRECT        PolicyType = 1
+	POLICY_GROUP         PolicyType = 1
+	SUPERADMIN                      = "role:super-admin___"
+	APP_ACCESS_TYPE_HELM            = "helm-app"
+	USER_TYPE_API_TOKEN             = "apiToken"
+	CHART_GROUP_ENTITY              = "chart-group"
+	CLUSTER_ENTITIY                 = "cluster"
+	ACTION_SUPERADMIN               = "super-admin"
 )
 
 type UserListingResponse struct {

api/bean/UserRequest.go

@@ -2023,13 +2023,13 @@ func (handler *PipelineConfigRestHandlerImpl) GetCdPipelineById(w http.ResponseW
 		return
 	}
 
-	ciConf, err := handler.pipelineBuilder.GetCdPipelineById(pipelineId)
+	cdPipeline, err := handler.pipelineBuilder.GetCdPipelineById(pipelineId)
 	if err != nil {
 		handler.Logger.Errorw("service err, GetCdPipelineById", "err", err, "appId", appId, "pipelineId", pipelineId)
 		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		return
 	}
-	cdResp, err := pipeline.CreatePreAndPostStageResponse(ciConf, version)
+	cdResp, err := pipeline.CreatePreAndPostStageResponse(cdPipeline, version)
 	if err != nil {
 		handler.Logger.Errorw("service err, CheckForVersionAndCreatePreAndPostStagePayload", "err", err, "appId", appId, "pipelineId", pipelineId)
 		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)

api/restHandler/app/pipeline/configure/DeploymentPipelineRestHandler.go

@@ -205,7 +205,7 @@ func (impl ApiTokenServiceImpl) CreateApiToken(request *openapi.CreateApiTokenRe
 		EmailId:  email,
 		UserType: bean.USER_TYPE_API_TOKEN,
 	}
-	createUserResponse, _, err := impl.userService.CreateUser(&createUserRequest, token, managerAuth)
+	createUserResponse, err := impl.userService.CreateUser(&createUserRequest)
 	if err != nil {
 		impl.logger.Errorw("error while creating user for api-token", "email", email, "error", err)
 		return nil, err

pkg/apiToken/ApiTokenService.go

@@ -20,6 +20,7 @@ import (
 	"errors"
 	"fmt"
 	"github.com/devtron-labs/devtron/pkg/auth/user/repository/helper"
+	"net/http"
 	"strings"
 	"time"
 
@@ -37,7 +38,8 @@ import (
 
 type RoleGroupService interface {
 	CreateRoleGroup(request *bean.RoleGroup) (*bean.RoleGroup, error)
-	UpdateRoleGroup(request *bean.RoleGroup, token string, managerAuth func(resource, token string, object string) bool) (*bean.RoleGroup, error)
+	UpdateRoleGroup(request *bean.RoleGroup, token string, checkRBACForGroupUpdate func(token string, groupInfo *bean.RoleGroup,
+		eliminatedRoleFilters []*repository.RoleModel) (isAuthorised bool, err error)) (*bean.RoleGroup, error)
 	FetchDetailedRoleGroups(req *bean.ListingRequest) ([]*bean.RoleGroup, error)
 	FetchRoleGroupsById(id int32) (*bean.RoleGroup, error)
 	FetchRoleGroups() ([]*bean.RoleGroup, error)
@@ -136,21 +138,21 @@ func (impl RoleGroupServiceImpl) CreateRoleGroup(request *bean.RoleGroup) (*bean
 			for index, roleFilter := range request.RoleFilters {
 				entity := roleFilter.Entity
 				if entity == bean2.CLUSTER_ENTITIY {
-					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, model, nil, "", nil, tx, mapping[index])
+					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, model, nil, tx, mapping[index])
 					policies = append(policies, policiesToBeAdded...)
 					if err != nil {
 						// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
 						impl.logger.Errorw("error in creating updating role group for cluster entity", "err", err, "roleFilter", roleFilter)
 					}
 				} else if entity == bean2.EntityJobs {
-					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, model, nil, "", nil, tx, mapping[index])
+					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, model, nil, tx, mapping[index])
 					policies = append(policies, policiesToBeAdded...)
 					if err != nil {
 						// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
 						impl.logger.Errorw("error in creating updating role group for jobs entity", "err", err, "roleFilter", roleFilter)
 					}
 				} else {
-					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, model, nil, "", nil, tx, mapping[index])
+					policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, model, nil, tx, mapping[index])
 					policies = append(policies, policiesToBeAdded...)
 					if err != nil {
 						// making it non-blocking as it is being done for multiple Role filters and does not want this to be blocking.
@@ -199,7 +201,7 @@ func (impl RoleGroupServiceImpl) CreateRoleGroup(request *bean.RoleGroup) (*bean
 	return request, nil
 }
 
-func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
+func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
 	//var policiesToBeAdded []casbin2.Policy
 	namespaces := strings.Split(roleFilter.Namespace, ",")
 	groups := strings.Split(roleFilter.Group, ",")
@@ -213,12 +215,6 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFil
 		for _, group := range groups {
 			for _, kind := range kinds {
 				for _, resource := range resources {
-					if managerAuth != nil {
-						isValidAuth := impl.userCommonService.CheckRbacForClusterEntity(roleFilter.Cluster, namespace, group, kind, resource, token, managerAuth)
-						if !isValidAuth {
-							continue
-						}
-					}
 					roleModel, err := impl.userAuthRepository.GetRoleByFilterForAllTypes(entity, "", "", "", "", accessType, roleFilter.Cluster, namespace, group, kind, resource, actionType, false, "")
 					if err != nil {
 						impl.logger.Errorw("error in getting new role model by filter")
@@ -263,7 +259,7 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForClusterEntity(roleFil
 	return policiesToBeAdded, nil
 }
 
-func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilter bean.RoleFilter, request *bean.RoleGroup, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
+func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilter bean.RoleFilter, request *bean.RoleGroup, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
 	actionType := roleFilter.Action
 	accessType := roleFilter.AccessType
 	entity := roleFilter.Entity
@@ -319,7 +315,7 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForOtherEntity(roleFilte
 	return policiesToBeAdded, nil
 }
 
-func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, token string, managerAuth func(resource string, token string, object string) bool, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
+func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter bean.RoleFilter, userId int32, model *repository.RoleGroup, existingRoles map[int]*repository.RoleGroupRoleMapping, tx *pg.Tx, capacity int) ([]casbin2.Policy, error) {
 	actionType := roleFilter.Action
 	accessType := roleFilter.AccessType
 	entity := roleFilter.Entity
@@ -372,7 +368,8 @@ func (impl RoleGroupServiceImpl) CreateOrUpdateRoleGroupForJobsEntity(roleFilter
 	return policiesToBeAdded, nil
 }
 
-func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token string, managerAuth func(resource, token string, object string) bool) (*bean.RoleGroup, error) {
+func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token string, checkRBACForGroupUpdate func(token string, groupInfo *bean.RoleGroup,
+	eliminatedRoleFilters []*repository.RoleModel) (isAuthorised bool, err error)) (*bean.RoleGroup, error) {
 	dbConnection := impl.roleGroupRepository.GetConnection()
 	tx, err := dbConnection.Begin()
 	if err != nil {
@@ -404,6 +401,8 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
 	var eliminatedPolicies []casbin2.Policy
 	capacity, mapping := impl.userCommonService.GetCapacityForRoleFilter(request.RoleFilters)
 	var policies = make([]casbin2.Policy, 0, capacity)
+	var eliminatedRoleModels []*repository.RoleModel
+	var items []casbin2.Policy
 	if request.SuperAdmin == false {
 		roleGroupMappingModels, err := impl.roleGroupRepository.GetRoleGroupRoleMappingByRoleGroupId(roleGroup.Id)
 		if err != nil {
@@ -417,7 +416,7 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
 
 		// DELETE PROCESS STARTS
 
-		items, err := impl.userCommonService.RemoveRolesAndReturnEliminatedPoliciesForGroups(request, existingRoles, eliminatedRoles, tx, token, managerAuth)
+		items, eliminatedRoleModels, err = impl.userCommonService.RemoveRolesAndReturnEliminatedPoliciesForGroups(request, existingRoles, eliminatedRoles, tx)
 		if err != nil {
 			return nil, err
 		}
@@ -427,32 +426,24 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
 		//Adding New Policies
 		for index, roleFilter := range request.RoleFilters {
 			if roleFilter.Entity == bean2.CLUSTER_ENTITIY {
-				policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
+				policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForClusterEntity(roleFilter, request.UserId, roleGroup, existingRoles, tx, mapping[index])
 				policies = append(policies, policiesToBeAdded...)
 				if err != nil {
 					impl.logger.Errorw("error in creating updating role group for cluster entity", "err", err, "roleFilter", roleFilter)
 				}
 			} else {
-				if len(roleFilter.Team) > 0 {
-					// check auth only for apps permission, skip for chart group
-					rbacObject := fmt.Sprintf("%s", roleFilter.Team)
-					isValidAuth := managerAuth(casbin2.ResourceUser, token, rbacObject)
-					if !isValidAuth {
-						continue
-					}
-				}
 				switch roleFilter.Entity {
 				case bean2.EntityJobs:
 					{
-						policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
+						policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForJobsEntity(roleFilter, request.UserId, roleGroup, existingRoles, tx, mapping[index])
 						policies = append(policies, policiesToBeAdded...)
 						if err != nil {
 							impl.logger.Errorw("error in creating updating role group for jobs entity", "err", err, "roleFilter", roleFilter)
 						}
 					}
 				default:
 					{
-						policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, roleGroup, existingRoles, token, managerAuth, tx, mapping[index])
+						policiesToBeAdded, err := impl.CreateOrUpdateRoleGroupForOtherEntity(roleFilter, request, roleGroup, existingRoles, tx, mapping[index])
 						policies = append(policies, policiesToBeAdded...)
 						if err != nil {
 							impl.logger.Errorw("error in creating updating role group for other entity", "err", err, "roleFilter", roleFilter)
@@ -483,6 +474,22 @@ func (impl RoleGroupServiceImpl) UpdateRoleGroup(request *bean.RoleGroup, token
 			policies = append(policies, casbin2.Policy{Type: "g", Sub: casbin2.Subject(roleGroup.CasbinName), Obj: casbin2.Object(roleModel.Role)})
 		}
 	}
+
+	if checkRBACForGroupUpdate != nil {
+		isAuthorised, err := checkRBACForGroupUpdate(token, request, eliminatedRoleModels)
+		if err != nil {
+			impl.logger.Errorw("error in checking RBAC for role group update", "err", err, "request", request)
+			return nil, err
+		} else if !isAuthorised {
+			impl.logger.Errorw("rbac check failed for role group update", "request", request)
+			return nil, &util.ApiError{
+				Code:           "403",
+				HttpStatusCode: http.StatusForbidden,
+				UserMessage:    "unauthorized",
+			}
+		}
+	}
+
 	//deleting policies from casbin
 	impl.logger.Debugw("eliminated policies", "eliminatedPolicies", eliminatedPolicies)
 	if len(eliminatedPolicies) > 0 {