fix(jans-pycloudlib): couchbase client exec_query doesn't support timeout option #9519

Merged
merged 2 commits into from
Sep 26, 2024

@iromli commented Sep 17, 2024

Prepare


Description

Target issue

closes #5618

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

@iromli requested a review from moabu as a code owner September 17, 2024 18:47

dryrunsecurity bot commented Sep 17, 2024

DryRun Security Summary

This pull request focuses on improving the security and reliability of the Couchbase persistence layer in the jans-pycloudlib library by introducing timeout handling, configuring Couchbase connection properties, and synchronizing Couchbase certificates.


Summary:

The code changes in this pull request focus on improving the security and reliability of the Couchbase persistence layer in the jans-pycloudlib library. The key changes include:

  1. Timeout Handling: The exec_api methods in both N1qlApi and RestApi classes now accept a timeout parameter, allowing the application to set a custom timeout value for API requests. This is an important security measure to prevent the application from getting stuck indefinitely waiting for a response from the Couchbase server.

  2. Couchbase Connection Properties: The render_couchbase_properties function now includes new environment variables to configure the keep-alive settings for the Couchbase connection. This helps maintain a stable connection and prevent unexpected disconnections.

  3. Couchbase Certificate Synchronization: The sync_couchbase_cert and sync_couchbase_truststore functions have been added to handle the synchronization of the Couchbase certificate and truststore, respectively. This ensures that the necessary security certificates are properly managed and accessible for the Couchbase connection.

These changes demonstrate a proactive approach to improving the application's security and reliability when interacting with the Couchbase database. By addressing timeout handling, connection management, and certificate synchronization, the pull request helps mitigate potential security vulnerabilities and improve the overall stability of the Couchbase integration.

Files Changed:

  • jans-pycloudlib/jans/pycloudlib/persistence/couchbase.py: This file contains the changes related to the Couchbase persistence layer. The changes include:
    • Introducing a timeout parameter in the exec_api methods of the N1qlApi and RestApi classes to handle API request timeouts.
    • Adding new environment variables (CN_COUCHBASE_KEEPALIVE_INTERVAL and CN_COUCHBASE_KEEPALIVE_TIMEOUT) to configure the keep-alive settings for the Couchbase connection.
    • Implementing sync_couchbase_cert and sync_couchbase_truststore functions to handle the synchronization of the Couchbase certificate and truststore.

Code Analysis

We ran 9 analyzers against 1 file and 0 analyzers had findings. 9 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.
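
Added example (not part of this PR or the jans-pycloudlib code base): the timeout behaviour described in the summary above, shown with a hypothetical `DemoRestApi` client against a constructed local server that accepts connections and never answers. Only the `exec_api` and `timeout` names come from the page; the class, the `/status` path and the helper functions are assumptions made for illustration.

```python
import http.client
import socket
import threading
import time


def start_stalled_server():
    """Constructed stand-in for a hung server: accepts connections, never replies."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    held = []  # keep accepted sockets open so the client sees silence, not a reset
    def accept_loop():
        while True:
            try:
                held.append(srv.accept()[0])
            except OSError:
                return  # listening socket was closed
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


class DemoRestApi:
    """Hypothetical client; only the exec_api and timeout names come from the PR."""
    def __init__(self, host, port, default_timeout=5.0):
        self.host, self.port = host, port
        self.default_timeout = default_timeout

    def exec_api(self, path, timeout=None):
        # Always use a finite timeout: with timeout=None the socket blocks forever.
        timeout = self.default_timeout if timeout is None else timeout
        conn = http.client.HTTPConnection(self.host, self.port, timeout=timeout)
        try:
            conn.request("GET", path)
            return {"ok": True, "status": conn.getresponse().status}
        except socket.timeout:  # alias of TimeoutError on Python 3.10+
            return {"ok": False, "timed_out": True}
        except OSError as exc:  # refused, reset, DNS failure, ...
            return {"ok": False, "timed_out": False, "error": str(exc)}
        finally:
            conn.close()


def probe(timeout):
    """Call the stalled server; return (result, elapsed seconds)."""
    srv, port = start_stalled_server()
    started = time.monotonic()
    result = DemoRestApi("127.0.0.1", port).exec_api("/status", timeout=timeout)
    elapsed = time.monotonic() - started
    srv.close()
    return result, elapsed
```

Calling `probe(0.5)` returns a timed-out result after roughly half a second instead of hanging, which is the bounded-failure behaviour a caller can then retry or surface as an error.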

@mo-auto added the comp-jans-pycloudlib and kind-bug labels Sep 17, 2024

sonarcloud bot commented Sep 17, 2024

@moabu merged commit 34c6899 into main Sep 26, 2024
10 of 11 checks passed
@moabu deleted the cn-pycloudlib-cb-opts branch September 26, 2024 06:14

sonarcloud bot commented Sep 26, 2024

imShakil pushed a commit that referenced this pull request Oct 3, 2024
…eout option (#9519)

Signed-off-by: iromli <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
…eout option (#9519)

Signed-off-by: iromli <[email protected]>
Co-authored-by: Mohammad Abudayyeh <[email protected]>
Former-commit-id: 34c6899