Merge remote-tracking branch 'origin/main' into beta-releases

Author: github-actions[bot]

.evergreen/docker-config/bin/docker-credential-from-env

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -euo pipefail
+
+DOCKER_HUB_URL="https://index.docker.io/v1/"
+
+STDIN=$(cat)
+
+ACTION="$1"
+
+case "$ACTION" in
+  get)
+    SERVER_URL="$STDIN"
+
+    if [[ "$SERVER_URL" == "$DOCKER_HUB_URL" ]]; then
+      if [[ -z "${DOCKERHUB_USERNAME:-}" || -z "${DOCKERHUB_PASSWORD:-}" ]]; then
+        echo "Error: DOCKERHUB_USERNAME or DOCKERHUB_PASSWORD environment variables are not set." >&2
+        exit 1
+      fi
+
+      echo "{\"Username\": \"$DOCKERHUB_USERNAME\", \"Secret\": \"$DOCKERHUB_PASSWORD\"}"
+    else
+      echo "Error: No credentials available for $SERVER_URL" >&2
+      exit 1
+    fi
+    ;;
+
+  *)
+    echo "Unsupported action: $ACTION" >&2
+    exit 1
+    ;;
+esac

.evergreen/docker-config/config.json

@@ -0,0 +1,6 @@
+{
+	"auths": {
+		"https://index.docker.io/v1/": {}
+	},
+	"credsStore": "from-env"
+} 

.evergreen/functions.yml

@@ -78,6 +78,8 @@ variables:
     GARASIGN_PASSWORD: ${garasign_password}
     ARTIFACTORY_USERNAME: ${artifactory_username}
     ARTIFACTORY_PASSWORD: ${artifactory_password}
+    DOCKERHUB_USERNAME: ${dockerhub_username}
+    DOCKERHUB_PASSWORD: ${dockerhub_password}
 
 # This is here with the variables because anchors aren't supported across includes
 post:
@@ -982,16 +984,7 @@ functions:
 
           echo
 
-          # Runs for all the commits on main, including nightly builds:
-          if [[ "$EVERGREEN_IS_PATCH" != "true" ]] && [[ "${project}" == "10gen-compass-main" ]]; then
-            export JIRA_BASE_URL="https://jira.mongodb.org"
-            export JIRA_PROJECT="COMPASS"
-            export JIRA_VULNERABILITY_BUILD_INFO="- [Evergreen task|$EVERGREEN_TASK_URL]"
-
-            npm run create-vulnerability-tickets
-          else
-            cat .sbom/vulnerability-report.md
-          fi
+          cat .sbom/vulnerability-report.md
 
           echo
 

.evergreen/preinstall.sh

@@ -18,6 +18,8 @@ echo "IS_WINDOWS: $IS_WINDOWS"
 echo "IS_RHEL: $IS_RHEL"
 echo "IS_UBUNTU: $IS_UBUNTU"
 
+echo "DOCKER_CONFIG: $DOCKER_CONFIG"
+
 SCRIPTDIR="$(cd $(dirname "$0"); pwd)"
 
 if [ -n "$IS_WINDOWS" ]; then

.evergreen/print-compass-env.js

@@ -74,6 +74,8 @@ function printCompassEnv() {
     pathsToPrepend.unshift('/opt/mongodbtoolchain/v4/bin');
   }
 
+  pathsToPrepend.unshift(`${originalPWD}/.evergreen/docker-config/bin`);
+
   PATH = maybePrependPaths(PATH, pathsToPrepend);
   printVar('PATH', PATH);
 
@@ -113,6 +115,8 @@ function printCompassEnv() {
 
   // https://jira.mongodb.org/browse/NODE-6320
   printVar('GYP_DEFINES', `kerberos_use_rtld=${process.platform === 'linux'}`);
+
+  printVar('DOCKER_CONFIG', `${originalPWD}/.evergreen/docker-config`);
 }
 
 printCompassEnv();

.evergreen/start-atlas-cloud-cluster.sh

@@ -2,6 +2,7 @@
 
 RUN_ID="$(date +"%s")-$(git rev-parse --short HEAD)"
 DELETE_AFTER="$(date -u -Iseconds -d '+2 hours' 2>/dev/null || date -u -Iseconds -v '+2H')"
+DOCKER_REGISTRY="${DOCKER_REGISTRY:-docker.io}"
 
 # This script helps to automatically provision Atlas cluster for running the e2e
 # tests against. In CI this will always create a new cluster and delete it when
@@ -39,8 +40,8 @@ DELETE_AFTER="$(date -u -Iseconds -d '+2 hours' 2>/dev/null || date -u -Iseconds
 #     MCLI_ORG_ID           Org ID
 #     MCLI_PROJECT_ID       Project ID
 #
-#     COMPASS_E2E_ATLAS_CLOUD_SANDBOX_USERNAME         Cloud user you created
-#     COMPASS_E2E_ATLAS_CLOUD_SANDBOX_PASSWORD         Cloud user password
+#     COMPASS_E2E_ATLAS_CLOUD_SANDBOX_USERNAME  Cloud user you created
+#     COMPASS_E2E_ATLAS_CLOUD_SANDBOX_PASSWORD  Cloud user password
 #
 # - Source the script followed by running the tests to make sure that some
 #   variables exported from this script are available for the test env:
@@ -68,7 +69,7 @@ function atlascli() {
     -e MCLI_ORG_ID \
     -e MCLI_PROJECT_ID \
     -e MCLI_OPS_MANAGER_URL \
-    mongodb/atlas atlas $@
+    "$DOCKER_REGISTRY/mongodb/atlas" atlas $@
 }
 
 cleanup() {

THIRD-PARTY-NOTICES.md

@@ -1,5 +1,5 @@
 The following third-party software is used by and included in **Mongodb Compass**.
-This document was automatically generated on Mon Nov 18 2024.
+This document was automatically generated on Sun Nov 24 2024.
 
 ## List of dependencies
 

docs/tracking-plan.md

@@ -1,7 +1,7 @@
 
 # Compass Tracking Plan
 
-Generated on Mon, Nov 18, 2024 at 04:28 PM
+Generated on Sun, Nov 24, 2024 at 03:21 AM
 
 ## Table of Contents
 

package-lock.json

@@ -56,7 +56,6 @@
     "snyk-test": "node scripts/snyk-test.js",
     "pregenerate-vulnerability-report": "npm run compile -w packages/compass && npm run snyk-test",
     "generate-vulnerability-report": "mongodb-sbom-tools generate-vulnerability-report --snyk-reports=.sbom/snyk-test-result.json --dependencies=.sbom/dependencies.json --fail-on=high > .sbom/vulnerability-report.md",
-    "create-vulnerability-tickets": "mongodb-sbom-tools generate-vulnerability-report --snyk-reports=.sbom/snyk-test-result.json --dependencies=.sbom/dependencies.json --create-jira-issues",
     "generate-first-party-deps-json": "mongodb-sbom-tools fetch-codeql-results --first-party-deps-list-dest=.sbom/first-party-deps.json --dependencies=.sbom/dependencies.json --exclude-repos=mongodb-js/kerberos",
     "create-static-analysis-report": "mongodb-sbom-tools fetch-codeql-results --sarif-dest=.sbom/codeql.sarif.json",
     "postcreate-static-analysis-report": "mongodb-sbom-tools sarif-to-markdown --sarif=.sbom/codeql.sarif.json --md=.sbom/codeql.md",