Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Web based Cognito authentication for Nucleus Airflow UI #137

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Web based Cognito authentication for Nucleus Airflow UI #137

wants to merge 9 commits into from

Conversation

ramesh-maddegoda
Copy link
Contributor

🗒️ Summary

Web based Cognito authentication for Nucleus Airflow UI. This implementation is based on the AWS Technical Guide
Accessing a private Amazon MWAA environment using federated identities

♻️ Related Issues

Web based Cognito authentication for Nucleus Airflow UI

@ramesh-maddegoda ramesh-maddegoda mentioned this pull request Feb 4, 2025
Open
@jordanpadams
Copy link
Member

@ramesh-maddegoda can we investigate these hotspots found by SonarCloud? Also generate a new secrets detection baseline for that failed workflow?

@ramesh-maddegoda
UPDATE secret baseline
a7a97df 
Refer to issue: #123
@ramesh-maddegoda
Copy link
Contributor Author

@ramesh-maddegoda can we investigate these hotspots found by SonarCloud? Also generate a new secrets detection baseline for that failed workflow?

@jordanpadams , I did the secret detection 2 times and pushed the new baselines. I am investigating more.

@nutjob4life
Copy link
Member

@ramesh-maddegoda I'll fix the .secrets.baseline — looks like it's missing one and there may be some copy/paste control characters or something

@ramesh-maddegoda
Copy link
Contributor Author

@ramesh-maddegoda I'll fix the .secrets.baseline — looks like it's missing one and there may be some copy/paste control characters or something

@nutjob4life and @jordanpadams , It seems the issues reported are not due to secrets. Those are terraform related suggestions. I am improving those areas.

@jordanpadams
Copy link
Member

thanks @ramesh-maddegoda. in addition to the secrets tool, if you could go into the sonarcloud tool and audit/close these issues with a comment describing why these are not an issue that would be great.

@jordanpadams
Copy link
Member

Let me know if you have any questions

nutjob4life
nutjob4life requested changes Feb 4, 2025
View reviewed changes
Copy link
Member

@nutjob4life nutjob4life left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a couple questions otherwise looking pretty good!

terraform/terraform-modules/cognito-auth/lambda/requirements.txt Outdated Show resolved Hide resolved
terraform/terraform-modules/cognito-auth/lambda/requirements.txt Outdated Show resolved Hide resolved
@ramesh-maddegoda
ADD ALB access logs for pds_nucleus_auth_alb and cloud watch retentio…
0948106 
…n period for pds_nucleus_auth_alb cloud watch group.

Refer to issue: #123
@ramesh-maddegoda
Merge remote-tracking branch 'origin/cognito-alb-lambda' into cognito…
5d27ee0 
…-alb-lambda
@ramesh-maddegoda
ADD an S3 bucket (pds_nucleus_auth_alb_logs_bucket_logs) to enable lo…
3af1090 
…gging for pds_nucleus_auth_alb_logs bucket for additional audit trails as per SonarQube suggestions.

Refer to issue: #123
@ramesh-maddegoda
ADD an S3 bucket (pds_nucleus_auth_alb_logs_bucket_logs) to enable UP…
aab98de 
…DATE the code with code quality improvements.

Refer to issue: #123
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Feb 5, 2025
edited
Loading

Quality Gate Passed Quality Gate passed

Issues
5 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@ramesh-maddegoda
Copy link
Contributor Author

thanks @ramesh-maddegoda. in addition to the secrets tool, if you could go into the sonarcloud tool and audit/close these issues with a comment describing why these are not an issue that would be great.

@jordanpadams , All SonarCube findings are resolved with code changes or with comments (example: a false positive related with using an unverified JWT token, while we actually verify the token few code lines after). In overall, that is a very helpful analysis!.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nutjob4life nutjob4life nutjob4life requested changes

@tloubrieu-jpl tloubrieu-jpl Awaiting requested review from tloubrieu-jpl tloubrieu-jpl is a code owner

@sjoshi-jpl sjoshi-jpl Awaiting requested review from sjoshi-jpl sjoshi-jpl is a code owner

@jordanpadams jordanpadams Awaiting requested review from jordanpadams jordanpadams is a code owner

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ramesh-maddegoda @jordanpadams @nutjob4life