This repository was archived by the owner on Sep 17, 2021. It is now read-only.
Release v0.9.0 "13 Reasons" #644
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…stringequalsignorecase Updating ARN.py to look for StringEqualsIgnoreCase in policy condition blocks
* Make JIRA transitions configurable * Support JIRA proxy settings * Support JIRA ticket assignee
Type: generic Why is this change necessary? Pytest patching has a known issue where patches are ignored when a class has already been loaded by any other test running in the same process. This caused random failures when tests are added that import classes patched by other tests that used to run correctly. This change addresses the need by: Splitting the tests out into directories based on the level in the application of the components being tested and running each directory seperatly. Potential Side Effects: No known side effects
Type: generic-bugfix Why is this change necessary? The Netflix merge introduced a two defects: 1) Did not insure condition_accounts was created before used 2) Moved the arn check inside a condition block This change addresses the need by: Move condition_accounts and arn check to cover all paths Potential Side Effects: No known side effects
Fix KMSAuditor exceptions
Add additional JIRA configurations
Plugins support
Add to second set of fields in search component
Add ability to press enter to search in search bar component
* Update dev_setup_osx.rst to get it up-to-date * Update dev_setup_osx doc with Install Python step Add step before Virtualenv to fix ‘sudo pip install virtualenvwrapper --ignore-installed six’ hack * Remove ‘--ignore-installed six’ hack Oops * Update dev_setup_osx doc with Upgrade Pip step Remove Install Pip step
Fix for S3 watcher errors.
…s_references 📦 Remove broken packages link
Remove 'sudo' from 'brew install python'
…brew_python Update dev_setup_osx
…entation Minor reformatting/style changes to Docker docs
…y_monkey into Bridgewater-9033_TestInDir
Organize tests into directories
Type: generic-bugfix Why is this change necessary? We were getting intermittent integrity errors and timeouts when deleting accounts with many items and issues. This appears to be caused by SQL Alchemy's method of handling cascading deletes, which is inefficient and does not appear to handle transactional locks well, allowing for race conditions. This change addresses the need by: Deleting accounts and related records with a raw sql query
Type: generic-bugfix Why is this change necessary? Some kms keys are partially visible but throw exceptions when viewing details. The current code does not handle these cases so we get false access errors and do not see the keys. This change addresses the need by: Handles the access errors and shows partial results. Potential Side Effects: No known side effects
Why is this change necessary? Netflix's direction for unit tests is to use a temporary DB, but we have been using a DB mock class This change addresses the need by: Removing db_mock.py and dependencies and refactoring watcher test setup into new, base watcher test class. Potential Side Effects: None
Type: feature Why is this change necessary? As the number of accounts being watched increases, it becomes harder to manage different environments and which accounts they should be watching. This service enables an API and command-line tool (through manage.py) that allows a bulk list of accounts to be enabled or disabled in one command.
Removing s3_name from exporter and renaming Account.number to identifier
Fix for UI Account creation bug 🐞
1 task
* Change nginx conf location * Change nginx conf location * Change nginx conf location * Cleaner sed if no SSL * Add SESSION_COOKIE_SECURE env * Create default admin user * Refactor and clean docker and docker-compose files * Wait the db * Update gitignore * Update docker docs * Restore SSL in nginx config
* Updating install documentation to simplify. * Hyperlink test. * Another test * Link test * Move to MD? * Moving more things to Markdown * Moving everything to markdown * Updating docker docs * Adding IAM GCP instructions. * Adding RDS Postgres docs * Adding RDS Postgres docs1 * Adding proper apt-get for installing local postgres. * Bumping FlaskSecurityFork. Making SECURITY_MONKEY_SETTINGS optional, doc updates * cli docs and typos * Fixing config path in sample supervisor config * doc updates * Adding thigns back into userguide * Moving travis to config.py * Creating log folder * Travis log permissions * Updating travis DB name * Disabling CSRF on travis for our tests * Fixing travis sed * Moving readme to markdown. various syntax fixes in docs * Updating readme. * Adding table to readme * Putting waffle/gitter on same line * Reorganizing README * Adding link to cloudaux in readme
* Quickstart updates Removing lots of `sudo`. Ran through on a new GCP instance and made some changes for clarity. * quickstart tweaks * Updating supervisor virtualenv path * quickstart updates
* Adding an option to preserve group write permission for log files This commit adds a new log rotate handler that will allow write permission for members of the same group. This is useful in deployment scenarios where other processes manage logs created by Security Monkey. Users can enable this feature by uncommenting the new handler in the config. * Fixing bug in group write access preserving rotate handler This commit fixes a bug in the rotating file handler that preserves group write permission. * fixing comma * Update AUTHORS
* Added doc on update steps * Updating the filename and a few other minor things * Updating title of update document.
* Adding v0.9.0 changelog * Bumping version from 0.8.0 to 0.9.0
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
TODO BEFORE RELEASE:
v0.9.0 (2017-04-13)
dev_setup_osx(Remove sudo)GOOGLE_HOSTED_DOMAINin sample configscheck_access_keysmethod in the IAM User Auditoradd_account_%sfor custom accounts__version__propertypython manage.pywithmonkey#662 - @MonkeySecurity - Replacingpython manage.pywithmonkeyImportant Notes:
SECURITY_MONKEY_SETTINGSis no longer a required environment variable.manage.pyhas been moved inside the package and amonkeyalias has been setup.python manage.py <arguments>you will now callmonkey <arguments>Contributors: