Release 4.9.5

charts/cdefense/Chart.yaml

@@ -13,9 +13,9 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 4.9.4
+version: 4.9.5
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "4.9.4"
+appVersion: "4.9.5"

charts/cdefense/templates/api/config.yaml

@@ -40,4 +40,5 @@ data:
   CLOUDDEFENSE_SENDGRID_EMAIL: "[email protected]" 
   MICRONAUT_ENVIRONMENTS: {{ .Values.api.environment | default "dev"  }}
   ALERT_SERVICE_URL: "http://alertservice"
-  CUSTOM_ALLOWED_ORIGIN: {{ .Values.api.origin | default "https://cdefense.clouddefenseai.com" }}
+  CUSTOM_ALLOWED_ORIGIN: {{ .Values.api.origin | default "https://cdefense.clouddefenseai.com" }}
+  NODEJS_SERVER: "http://pdf-generator/"

charts/cdefense/templates/api/deployment.yaml

@@ -363,6 +363,11 @@ spec:
             configMapKeyRef:
               name: scan-server-config
               key: ALERT_SERVICE_URL
+        - name: NODEJS_SERVER
+          valueFrom:
+            configMapKeyRef:
+              name: scan-server-config
+              key: NODEJS_SERVER
         - name: ATTACK_PATH_KEY
           valueFrom:
             secretKeyRef:

charts/cdefense/templates/ingress.yaml

@@ -71,6 +71,13 @@ spec:
             name: keycloak
             port:
               number: 80
+      - path: /pdfGenerator/*
+        pathType: ImplementationSpecific
+        backend:
+          service:
+            name: pdf-generator
+            port:
+              number: 80
       - path: /cd-auth/*
         pathType: ImplementationSpecific
         backend:

charts/cdefense/templates/pdf-generator/deployment.yaml

@@ -0,0 +1,46 @@
+{{ if .Values.pdfgenerator.enabled }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: pdf-generator
+  namespace: {{ .Release.Namespace | default "default"}}
+spec:
+  selector:
+    matchLabels:
+      app: pdf-generator
+  # replicas: {{ .Values.pdfgenerator.replicas }}
+  strategy:
+    type: Recreate
+    # type: RollingUpdate
+    # rollingUpdate:
+    #   maxUnavailable: 0%
+    #   maxSurge: 25%
+  template:
+    metadata:
+      labels:
+        app: pdf-generator
+    spec:
+      {{- if .Values.pdfgenerator.nodeSelector }}
+      nodeSelector:
+        label: {{ .Values.pdfgenerator.nodeSelector }}
+      {{- end }}
+      {{- if .Values.pdfgenerator.tolerations }}
+      tolerations:
+{{ toYaml .Values.pdfgenerator.tolerations | indent 8 }}
+      {{- end }}
+      imagePullSecrets:
+      - name: regcred
+      containers:
+      - name: pdf-generator
+        image: {{ .Values.pdfgenerator.image }}:{{ .Values.pdfgenerator.version }}
+        imagePullPolicy: Always
+        # resources:
+        #     requests:
+        #       memory: {{ .Values.pdfgenerator.resources.requests.memory}}
+        #       cpu: {{ .Values.pdfgenerator.resources.requests.cpu }}
+        #     limits:
+        #       memory: {{ .Values.pdfgenerator.resources.limits.memory}}
+        #       cpu: {{ .Values.pdfgenerator.resources.limits.cpu }}
+
+{{ end }}

charts/cdefense/templates/pdf-generator/service.yaml

@@ -0,0 +1,16 @@
+{{ if .Values.pdfgenerator.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: pdf-generator
+  labels:
+    app: pdf-generator
+spec:
+  type: {{ .Values.pdfgenerator.service.type }}
+  selector:
+    app: pdf-generator
+  ports:
+    {{- .Values.pdfgenerator.service.ports | toYaml | nindent 2 -}}
+
+{{ end }}

charts/cdefense/values.yaml

@@ -1,4 +1,4 @@
-version: "release-4.9.4"
+version: "release-4.9.5"
 domain: clouddefenseai.com
 hostname: cdefense.clouddefenseai.com
 
@@ -210,3 +210,33 @@ ai:
     maxReplicas: 3
     targetCPUUtilizationPercentage: 80
     targetMemoryUtilizationPercentage: 80
+
+pdfgenerator:
+  enabled: true
+  nodeSelector: cdefense
+  tolerations: []
+  replicas: 1
+  image: cdefense/pdf-generator-service
+  version: "prod"
+  resources:
+    requests:
+      memory: "750Mi"
+      cpu: "250m"
+    limits:
+      memory: "1300Mi"
+      # cpu: "50m"
+  service:
+    type: NodePort
+    ports:
+      - port: 80
+        targetPort: 3000
+  autoscaling:
+    enabled: false
+    minReplicas: 1
+    maxReplicas: 5
+    targetCPUUtilizationPercentage: 100
+    targetMemoryUtilizationPercentage: 100
+    scaleUpstabilizationWindowSeconds: 30
+    scaleUpvalue: 1
+    scaleDownstabilizationWindowSeconds: 20
+    scaleDownvalue: 1

release.md

@@ -1,23 +1,15 @@
-Release Date : 11.11.2024
-Release Notes : 4.9.4
+Release Date : 17.12.2024
+Release Notes : 4.9.5
 
 New Features:
 
-1) Added Schedule scan support for DAST and API scan: We have added schedule scan support for DAST and API scan, providing better user experience.
-2) Introduced License report: We have added license report for centralized tracking of utilization metrics.
-3) Added Scan Type filter at Application Page: We have added Scan Type filter at Application Page for better user experience.
-4) Moved Team Selector to side filter: We have removed the team selector from page header and moved it under side filter for better accessibility and uniformity.
-5) Combined Generic API key and Personal API key for better manageability.
-6) Captcha v3 Integration on SignUp: Added Google reCAPTCHA v3 to the sign-up process to enhance security and prevent bot registrations.
-7) OTP Verification for Password: Implemented OTP validation to verify user identity before allowing password changes.
-8) Recover deleted application: We have provided facility to recover deleted application within 15 days to avoid accidental information loss.
-
+1) Azure Container Registry Integration: We have introduced integration with Azure Container Registry (ACR), enabling seamless scanning functionality for enhanced container security.
+2) Google Artifact Registry Integration: Added integration and scanning functionality for Google Artifact Registry, ensuring broader support for artifact repositories.
+3) Graphical Widgets in Weekly Organization Report: Improved the Weekly Organization Report with graphical widgets for enhanced reporting and a more user-friendly visualization experience..
+4) Enhanced OSS Scan License for CLI: The OSS Scan License now includes additional information in the CLI version for more detailed and actionable reporting.
 Improvements:
 
-1) Updated the Azure devops access token request access level.
-2) Bug Fixing on Backend: Fixed bugs across the application for better user experience.
-3) Fixed list of UI issues.
-4) Fixed report genration under Scan history
-5) Updated the rule mappings with OWASP top 10 and SANS top 25 standard.
-6) Removed error message shown on session logout.
-7) Fixed automated container image scan.
+1) Tighter User Privilege Controls: Implemented tighter restrictions on the actions each user role can perform across the platform.
+2) Revamped Email Templates: Redesigned email templates to provide more targeted and relevant information for users, ensuring clearer and more effective communication.
+3) Bug Fixing on Backend: Fixed bugs across the application for better user experience.
+4) Fixed list of UI issues.