Release/v3.0.0 #652

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 153 commits into from
Jun 11, 2025
Conversation

mms-gianni
Member

Description

Please include a summary of the changes and the related issue. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

  • Template (non-breaking change which adds a template)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration.

  • I've built the image and tested it on a Kubernetes cluster

Test Configuration:

  • Operator Version:
  • Kubernetes Version:
  • Kubero CLI Version (if applicable):

Checklist:

  • I removed unnecessary debug logs
  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I documented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

    res.send(template);
  } catch (err) {
    this.logger.error(err);
    res.status(500).send(err);

Check warning

Code scanning / CodeQL

Exception text reinterpreted as HTML (severity: Medium)

Exception text is reinterpreted as HTML without escaping meta-characters.

Copilot Autofix (AI, 2 days ago)

To fix the issue, we need to ensure that error messages sent in the HTTP response are sanitized or replaced with a generic error message. This prevents any user-controlled input from being reflected back to the client in an unsafe manner.

  1. Replace the direct use of err in the response with a generic error message, such as "An internal server error occurred."
  2. Log the full error details on the server side for debugging purposes, but do not expose them to the client.
  3. Ensure that no sensitive or user-controlled data is included in the error message sent to the client.

Suggested changeset 1
server/src/templates/templates.controller.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/server/src/templates/templates.controller.ts b/server/src/templates/templates.controller.ts
--- a/server/src/templates/templates.controller.ts
+++ b/server/src/templates/templates.controller.ts
@@ -41,3 +41,3 @@
       this.logger.error(err);
-      res.status(500).send(err);
+      res.status(500).send('An internal server error occurred.');
     }
EOF
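Review bot: the `+` line sends a bare string through `res.send`, which Express serves as text/html by default; for an API controller a structured body such as `res.status(500).json({ message: 'An internal server error occurred.' })` keeps the generic message while giving clients a stable content type. Consider also attaching an opaque correlation id to both the `this.logger.error(err);` context line and the response, so the server-side record can still be matched to a client report once the detail is no longer returned.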
    res.send(template);
  } catch (err) {
    this.logger.error(err);
    res.status(500).send(err);

Check warning

Code scanning / CodeQL

Information exposure through a stack trace (severity: Medium)

This information exposed to the user depends on stack trace information.

Copilot Autofix (AI, 2 days ago)

To fix the issue, the error message sent to the client should be replaced with a generic message that does not expose sensitive information. The stack trace and other details from the err object should be logged on the server for debugging purposes. This ensures that developers can still access the error details while preventing attackers from exploiting sensitive information.

Steps to implement the fix:

  1. Replace res.status(500).send(err) with a generic error message, such as "An internal server error occurred".
  2. Ensure the detailed error information (err) is logged using this.logger.error(err).
  3. No additional imports or dependencies are required, as the Logger class is already being used.

Suggested changeset 1
server/src/templates/templates.controller.ts

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/server/src/templates/templates.controller.ts b/server/src/templates/templates.controller.ts
--- a/server/src/templates/templates.controller.ts
+++ b/server/src/templates/templates.controller.ts
@@ -41,3 +41,3 @@
       this.logger.error(err);
-      res.status(500).send(err);
+      res.status(500).send("An internal server error occurred");
     }
EOF
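Review bot: this hunk targets the same lines (`@@ -41,3 +41,3 @@`) as the first autofix and differs only in quote style and the dropped trailing period on the `+` line; the two patches conflict, so apply one and pick the quote style the project's lint rules expect. Keeping the `this.logger.error(err);` context line is right: the stack trace still lands in the server log, and the response no longer carries it.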

Coverage (Lines: 87%)

Metric      Covered       Percent
Statements  10817/12422   87.07%
Branches    559/792       70.58%
Functions   297/368       80.7%

Tests  Skipped  Failures  Errors  Time
382    0        0         0       54.465s
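As an added example that is not the Kubero project's code, the handler shape behind both CodeQL alerts above (`res.status(500).send(err)` in a catch block) is shown next to a hardened version that follows the autofix steps and additionally returns an opaque correlation id. The response object, logger and template loader are assumed stand-ins, not Express or NestJS classes, so the file runs offline; the template name is a constructed input that carries markup to show it is echoed unescaped by the original pattern.

```typescript
// Added example, not code from the Kubero project. The response, logger and
// template loader below are hypothetical stand-ins so this runs offline.

// Pessimistic stand-in for the framework response object. Like Express it
// treats a string body as text/html; an Error is rendered as its stack, the
// worst case that the "reinterpreted as HTML" and "stack trace" alerts
// describe. It does not model any specific framework's serialisation.
class FakeResponse {
  statusCode = 200;
  contentType = "";
  body = "";
  status(code: number): this {
    this.statusCode = code;
    return this;
  }
  send(payload: unknown): this {
    if (typeof payload === "string") {
      this.contentType = "text/html; charset=utf-8";
      this.body = payload;
    } else if (payload instanceof Error) {
      this.contentType = "text/html; charset=utf-8";
      this.body = payload.stack ?? String(payload);
    } else {
      this.contentType = "application/json; charset=utf-8";
      this.body = JSON.stringify(payload);
    }
    return this;
  }
}

// Hypothetical logger with the shape of the `this.logger.error(err)` call on the page.
class MemoryLogger {
  entries: string[] = [];
  error(message: unknown, ...meta: string[]): void {
    const text =
      message instanceof Error ? `${message.message}\n${message.stack ?? ""}` : String(message);
    this.entries.push([text, ...meta].join(" "));
  }
}

// Hypothetical template lookup whose failure message interpolates the
// caller-supplied name, as a loader that reports what it could not find would.
function loadTemplate(name: string): string {
  const known: Record<string, string> = { nginx: "kind: Deployment" };
  if (!Object.prototype.hasOwnProperty.call(known, name)) {
    throw new Error(`template not found: ${name}`);
  }
  return known[name];
}

// Before: the handler as CodeQL saw it. Whatever is in err (a message built
// from `name`, plus the stack) is echoed to the client as an HTML body.
function getTemplateUnsafe(name: string, logger: MemoryLogger, res: FakeResponse): FakeResponse {
  try {
    return res.send(loadTemplate(name));
  } catch (err) {
    logger.error(err);
    return res.status(500).send(err);
  }
}

// After: full detail stays in the server log, keyed by an id the client can
// quote to support. The body is a fixed JSON document, so nothing in it is markup.
function getTemplateSafe(name: string, logger: MemoryLogger, res: FakeResponse): FakeResponse {
  try {
    return res.send(loadTemplate(name));
  } catch (err) {
    // Use crypto.randomUUID() in a real handler; Math.random keeps this file import-free.
    const correlationId = `${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 10)}`;
    logger.error(err, `correlationId=${correlationId}`);
    return res.status(500).send({ error: "An internal server error occurred.", correlationId });
  }
}

interface Outcome { status: number; contentType: string; body: string; logged: string[] }

// Runs both handlers against a constructed request whose template name
// carries markup (`<b>` is enough to show it passes through unescaped).
function demo(): { unsafe: Outcome; safe: Outcome } {
  const name = "<b>not-a-template</b>"; // constructed sample input
  const run = (handler: typeof getTemplateUnsafe): Outcome => {
    const logger = new MemoryLogger();
    const res = handler(name, logger, new FakeResponse());
    return { status: res.statusCode, contentType: res.contentType, body: res.body, logged: logger.entries };
  };
  return { unsafe: run(getTemplateUnsafe), safe: run(getTemplateSafe) };
}

const result = demo();
console.log("unsafe body, first line:", result.unsafe.body.split("\n")[0]);
console.log("safe body:", result.safe.body);
```

The unsafe handler's body starts with the error message, so the caller's `<b>` markup and the stack's file paths reach the client; the safe handler's body is the same fixed JSON for every failure, while the log entry carries the full error and the correlation id that was returned.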

@mms-gianni mms-gianni merged commit 01b35bd into main Jun 11, 2025
3 checks passed