Bitbucket custom pre-receive hook for preventing unknown users from committing - githooks

Currently, due to collaboration across different vendors and contractors, they sometimes use a malformed git config on the client side when checking in code.
Once the code is checked in, Bitbucket does not reconcile the correct username against the commit, often appearing as in Bitbucket's commit section.
This is not desirable for audits and can potentially corrupt the commit trail.
Need a custom pre-commit hook to call the REST API to verify that the user has an account and email address against that REST endpoint.

Using this tool https://github.com/lovato/hooks4git you can create that script in your preferred language. This tool helps you out with hook management.
What everyone needs to do (in any client-side git hook approach) is to install that tool and activate it.
Other options: https://githooks.com/
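The question's answer installs a client-side hook, which any committer can skip; the title's server-side pre-receive hook is the enforcement point for an audit trail. The script below is an added example, not the page's or hooks4git's code: it reads the ref updates git hands a pre-receive hook on stdin, lists the commits each push introduces, and rejects the push if any author or committer e-mail is absent from an identity service whose URL and JSON shape are assumed placeholders.

```python
"""Pre-receive hook: reject a push when any new commit carries an author or
committer e-mail unknown to the identity service (assumed endpoint and JSON)."""
import json
import subprocess
import sys
import urllib.request

IDENTITY_URL = "https://identity.example.invalid/api/users"  # placeholder
ZERO = "0" * 40  # git's null object id: the ref is being created or deleted

def fetch_known_emails(url=IDENTITY_URL):
    # Assumed response shape: {"users": [{"email": "..."}, ...]}
    with urllib.request.urlopen(url, timeout=5) as resp:
        return {u["email"].lower() for u in json.load(resp).get("users", [])}

def parse_identities(log_output):
    """`git log --format=%H%x09%ae%x09%ce` lines -> (sha, author, committer)."""
    return [tuple(field.lower() for field in line.split("\t"))
            for line in log_output.splitlines() if line.strip()]

def find_unknown(identities, known):
    """(sha, email) pairs whose author or committer is not a known user."""
    bad = []
    for sha, author, committer in identities:
        for email in dict.fromkeys((author, committer)):  # dedupe, keep order
            if email not in known:
                bad.append((sha, email))
    return bad

def new_commits(new_sha):
    # Refs are not yet updated inside pre-receive, so "--not --all" leaves
    # exactly the commits this push introduces (new or updated branch alike).
    out = subprocess.run(["git", "log", "--format=%H%x09%ae%x09%ce", new_sha,
                          "--not", "--all"], capture_output=True, text=True,
                         check=True).stdout
    return parse_identities(out)

def main():
    known = fetch_known_emails()
    failures = []
    for line in sys.stdin:  # one "<old-sha> <new-sha> <refname>" line per ref
        _old, new, _ref = line.split()
        if new != ZERO:  # a branch deletion pushes no commits
            failures += find_unknown(new_commits(new), known)
    for sha, email in failures:
        print(f"rejected {sha[:10]}: unknown identity {email}", file=sys.stderr)
    sys.exit(1 if failures else 0)

if __name__ == "__main__":
    main()
```

Install it as `hooks/pre-receive` in the bare repository (executable); a non-zero exit makes git refuse the whole push and relay the printed lines to the pushing client.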

Related

Salesforce CI/CD Pipeline with Github Actions

Please help me with this use case. Thanks for any help in advance.
I am creating a Salesforce project in VS Code. I have cloned the repository and pushed it to GitHub. I have three branches in the repo, named Feature, Developer and Master. Feature is the base branch. Whenever I change or write code, on deployment it is pushed to Feature.
Now I want a Dev org attached to the Developer branch as well, and whenever code, after testing, is pushed from Feature to the Developer branch, or I pull the code into Developer from Feature, all the code shall be deployed to the attached org.
And similarly on pushing the code from Developer to Master.
I wrote the workflow rule and nearly did it. But on creating a pull request, the workflow was working but it showed an error while building and deploying, and decryption was failing with an error something like: can't read the directory. Lastly, when I removed the encrypt/decrypt keys, the Authorization step is not passing and shows the same endless error: OAuth client secret of personal connected app?: sh: 1: read: Illegal option -s.
So the YouTube video I followed confused me while encrypting the server key. He got some hash key and hash IV from somewhere and generated a new hash key and hash IV to generate some server.key.enc.
What tutorial(?) are you following? I don't recognise steps about decrypting keys; it might be some old or overcomplicated method.
There's a cool blog post at https://tigerfacesystems.com/blog/sfdx-continuous-integration and/or you can look at what SF does themselves in the LWC recipes repository (you know, the one most of the LWC documentation points to): https://github.com/trailheadapps/lwc-recipes/blob/main/.github/workflows/ci.yml
You'd have to log in with sfdx to all target orgs you need, use that "sfdx force:org:display" and "Sfdx Auth Url" trick, save each org's value as a different GitHub variable and create similar scripts.

React JS (not native): is there a way to create an external timer to force log out a user even after the window is closed?

Right now, I am using the react-idle-timer library to log a user out after a period of inactivity. However, when I close all tabs or windows associated with my application, wait the idle period, then open up the web app again, I am still considered an active user. I want to find a way to log a user out if they close the web app for a certain period of time.
I tried using react-native AppState, but I started my app with create-react-app and I am having issues getting the application to React Native.
Any advice?
If your user closes the browser tabs/window, it is like they are killing a process using the task manager: The application has no running instances anymore and there is no possibility to prevent this from happening. Therefore, it is not possible to achieve such a log-out mechanism using a client-side approach.
However, there are some possible solutions to this requirement to log out a user upon inactivity, which highly depend on the authentication mechanisms you use.
If your app is frontend-only (and has no dependencies on any backend services), you can have a "last active" timestamp in local storage, compare and update it on each action and invalidate the user's credentials if necessary.
For session-based log-in, you can make the session expire when the user closes the window (which should be the default behavior). Additionally, you can add a session variable similar to the "last active" field, which is updated on each action and invalidates the authentication state from the server side if necessary.
If you are using token-based authentication, you can tweak the token expiration period and regularly re-issue a new token (probably not best practice, but might be working…)
In general, in terms of security, you should always prefer relying on information saved on the server-side of your app rather than on the client-side. Information in the browser can be easily manipulated by an attacker, while checking for a forced log out on the server-side even works when the user decides to hard-reset their machine (or experiences a power outage, …). And if your server-side is not working anymore one day… well, then you have some bigger problems.
Regarding React and React Native, though they work pretty much the same and use the same framework paradigms, they have one major difference: they compile for different platforms. Therefore, from my experience and from their technical foundation, it is neither easy nor recommended to use components of one of them in the other. So it highly depends on your use case which of them is best to use.
Even though this is not a safe & sound solution, I hope to give you some orientation on your possibilities for such a log out.

Automatically transfer logs from keycloak database to syslog

I know that Keycloak saves all its "login events" on the server in the "Events" tab, but also in the database (I came across lines referring to KeycloakDS and Keycloak Database in standalone.xml). Hence my question - since login events are saved in the database, is there any way to automatically save them directly to Syslog? Is there any automaton which copies data from the database and saves it in Syslog? I've heard about various extensions for Keycloak (MQTT, RabbitMQ, or various event-listeners), but I don't know if they can be used for direct automatic copying of data from the Keycloak database to Syslog. Does anyone perhaps have any ideas/suggestions?
You can implement a custom EventListener that will transfer all events to Syslog.
https://www.keycloak.org/docs/latest/server_development/index.html#_events
In your implementation you could use a syslog appender (you can configure it at the JBoss/WildFly level; see the logging configuration in standalone.xml).

Post-receive githook to push database to live site

I'm busy with a workflow with Git. What I want to achieve is pushing a local repository with the database to Bitbucket and then automatically pushing the files to a server and putting the mysqldump file into the database.
I can now make a mysqldump of the database with the git pre-commit hook and push this to my Bitbucket repo. After that I want to handle the database import automatically.
I found out that this is possible with the post-receive hook, but I can't get it working. Where do I have to add that hook? I tried it in the local git hooks folder where my pre-commit hook is located, but it does nothing.
Anyone who can help me?
You can use a post-commit Webhook from Bitbucket (see documentation).
To handle the webhook, you'll need a server that receives it, then pulls the changes and executes whatever you want (your database import).
I made a small node app that receives these hooks if you're interested in re-using it: node-cd
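The receiver the answer describes, as an added example in Python rather than the answerer's node-cd: it authenticates the webhook before doing anything, only reacts to pushes on the deployment branch, then pulls the checkout and pipes the committed mysqldump into MySQL. The `X-Hub-Signature` HMAC header, the payload field path for branch names, the checkout and dump paths and the MySQL option file are all assumptions to be matched to your Bitbucket edition and server.

```python
"""Bitbucket push-webhook receiver: authenticate the call, pull the checkout,
import the committed mysqldump. Added example, not node-cd; the signature
header and the payload field path are assumptions to match to your Bitbucket."""
import hashlib
import hmac
import json
import os
import subprocess
from http.server import BaseHTTPRequestHandler, HTTPServer

SECRET = os.environ.get("WEBHOOK_SECRET", "change-me").encode()
REPO_DIR = "/var/www/site"      # assumed checkout on the live server
DUMP_FILE = "db/dump.sql"       # assumed path of the committed mysqldump
DEPLOY_BRANCH = "master"        # only pushes to this branch trigger an import

def sign(secret, body):
    """Header value Bitbucket is assumed to send: sha256=<hex HMAC of body>."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()

def verify_signature(secret, body, header):
    """Constant-time comparison; a missing or malformed header is rejected."""
    return (bool(header) and header.startswith("sha256=")
            and hmac.compare_digest(sign(secret, body), header))

def pushed_branches(payload):
    """Branch names in a push payload (constructed shape: push.changes[].new.name)."""
    changes = payload.get("push", {}).get("changes", [])
    return [c["new"]["name"] for c in changes if c.get("new")]

def deploy(repo_dir=REPO_DIR, dump_file=DUMP_FILE):
    # Argument lists, never a shell string: nothing from the request reaches a shell.
    subprocess.run(["git", "-C", repo_dir, "pull", "--ff-only"], check=True)
    with open(os.path.join(repo_dir, dump_file), "rb") as dump:
        # DB credentials come from the option file, not from the command line.
        subprocess.run(["mysql", "--defaults-file=/etc/mysql/deploy.cnf", "site"],
                       stdin=dump, check=True)

class Handler(BaseHTTPRequestHandler):
    def do_POST(self):
        body = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if not verify_signature(SECRET, body, self.headers.get("X-Hub-Signature")):
            self.send_response(403)
        else:
            if DEPLOY_BRANCH in pushed_branches(json.loads(body)):
                deploy()
            self.send_response(204)
        self.end_headers()

if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), Handler).serve_forever()
```

Bind it behind a TLS-terminating reverse proxy and run it as a user whose only rights are the checkout and the deploy MySQL account, so a forged or replayed webhook can at most re-run the same import.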

Can a server determine the git version of the user's client/agent?

Can I use git hook to determine the version of the client/agent pushing?
I want to deny a push and send a message when the user/client is too old (or too new).
Not on the server side, as that information (git version) isn't part of what is being pushed.
You could ask the client to have a pre-push hook with your test in it, but there is no guarantee that this hook would be deployed (or not bypassed by the user).