Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/docs/281 add documentation on advanced installation and configuration #286

Merged
merged 38 commits into from
Dec 19, 2024
Merged

Feature/docs/281 add documentation on advanced installation and configuration #286

merged 38 commits into from
Dec 19, 2024

Conversation

RabbITCybErSeC
Copy link
Collaborator

No description provided.

RabbITCybErSeC and others added 20 commits December 9, 2024 12:56
@RabbITCybErSeC
version bump of go 1.22 to 1.23
e37d1ef
@RabbITCybErSeC
bump version in ci
a96d5e0
@RabbITCybErSeC
added text for advanced config + installation
e82ec34
@RabbITCybErSeC
index changes
715ae0a
@RabbITCybErSeC
Merge branch 'development' into feature/281-add-documentation-on-adva…
77700dc 
…nced-installation-and-configuration
@RabbITCybErSeC
Merge branch 'development' into feature/281-add-documentation-on-adva…
f90bd1e 
…nced-installation-and-configuration
@RabbITCybErSeC
section on section on setting up authentik
d926c51
@RabbITCybErSeC
fix authentik uri
f113dda
@RabbITCybErSeC
added index
11d6e08
@RabbITCybErSeC
added images for authentik
e67ddbb
@RabbITCybErSeC
added a picture
4ea2f4f
@RabbITCybErSeC
added description setting up the authentication provider
0be1815
@RabbITCybErSeC
moved the part of the table to advanced config and install
7dbdedd
@RabbITCybErSeC
more description added
f97c669
@RabbITCybErSeC
added images for authentik explanation
53abf8e
@RabbITCybErSeC
more rbac setup explanation
6639e20
@RabbITCybErSeC
moved playbooks to their own folder
4e21cdc
@RabbITCybErSeC
added m2m implementation for authentik
84eb33a
@RabbITCybErSeC
finished setup ddocs for rbac
1126335
@RabbITCybErSeC
fix auto formatter issue
8ad6445
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 10, 2024
edited
Loading

Sigrid maintainability feedback

✅ You wrote maintainable code and achieved your objective of 3.8 stars

Show details

Sigrid compared your code against the baseline of 2024-12-12.

👍 What went well?

You fixed or improved 1 refactoring candidates.

Risk System property Location
🟡 Unit Size
(Improved)		 internal/controller/controller.go
Initialize()

👎 What could be better?

Unfortunately, 1 refactoring candidates were introduced or got worse.

Risk System property Location
🟡 Unit Size
(Introduced)		 internal/controller/controller.go
run(app *gin.Engine)

📚 Remaining technical debt

5 refactoring candidates didn't get better or worse, but are still present in the code you touched.

View this system in Sigrid** to explore your technical debt

⭐️ Sigrid ratings

System property System on 2024-12-12 Before changes New/changed code
Volume 5.4 N/A N/A
Duplication 4.4 5.5 5.5
Unit Size 2.6 1.7 1.8
Unit Complexity 2.8 3.6 3.8
Unit Interfacing 2.9 5.5 5.5
Module Coupling 3.8 N/A N/A
Component Independence 0.5 N/A N/A
Component Entanglement 2.5 N/A N/A
Maintainability 3.2 3.8 3.9

💬 Did you find this feedback helpful?

We would like to know your thoughts to make Sigrid better.
Your username will remain confidential throughout the process.

View this system in Sigrid

MaartendeKruijf
MaartendeKruijf requested changes Dec 11, 2024
View reviewed changes
Copy link
Collaborator

@MaartendeKruijf MaartendeKruijf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Move the RBAC setup to a separate PR

docs/content/en/docs/installation-configuration/authentication.md Outdated Show resolved Hide resolved
docs/content/en/docs/installation-configuration/authentication.md
Comment on lines +42 to +45
### Spinning up Authentik

Instruction and docker-compose on how to bundle SOARCA with Authentik will come!

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Either point to a docker compose or provide one in deployment

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will add this in a different pull request for now. ok?

docs/content/en/docs/installation-configuration/authentication.md Outdated Show resolved Hide resolved
docs/content/en/docs/installation-configuration/authentication.md Outdated
Comment on lines 90 to 104
{{< tabpane langEqualsHeader=false >}}
{{< tab header="`.env`" lang="txt" >}}
AUTH_ENABLED: true
OIDC_ISSUER: "https://authentikuri/application/o/does-providing-for-soarca/"
OIDC_CLIENT_ID: "WxUcBMGZdI7c0e5oYp6mYdEd64acpXSuWKh8zBH5"
OIDC_SKIP_TLS_VERIFY: true
{{< /tab >}}

{{< tab header="`bash`" lang="bash" >}}
export AUTH_ENABLED=true
export OIDC_ISSUER="https://authentikuri:9443/application/o/does-providing-for-soarca/"
export OIDC_CLIENT_ID="WxUcBMGZdI7c0e5oYp6mYdEd64acpXSuWKh8zBH5"
export OIDC_SKIP_TLS_VERIFY=true
{{< /tab >}}
{{< /tabpane >}}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we could use this style of init which I like better then the one we use now:
see: https://docs.opencti.io/latest/deployment/installation/#configure-the-environment

(cat << EOF
OPENCTI_ADMIN_EMAIL=admin@opencti.io
OPENCTI_ADMIN_PASSWORD=ChangeMePlease
OPENCTI_ADMIN_TOKEN=$(cat /proc/sys/kernel/random/uuid)
OPENCTI_BASE_URL=http://localhost:8080
MINIO_ROOT_USER=$(cat /proc/sys/kernel/random/uuid)
MINIO_ROOT_PASSWORD=$(cat /proc/sys/kernel/random/uuid)
RABBITMQ_DEFAULT_USER=guest
RABBITMQ_DEFAULT_PASS=guest
ELASTIC_MEMORY_SIZE=4G
CONNECTOR_HISTORY_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_EXPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_EXPORT_FILE_CSV_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_IMPORT_FILE_STIX_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_EXPORT_FILE_TXT_ID=$(cat /proc/sys/kernel/random/uuid)
CONNECTOR_IMPORT_DOCUMENT_ID=$(cat /proc/sys/kernel/random/uuid)
SMTP_HOSTNAME=localhost
EOF
) > .env

and

export $(cat .env | grep -v "#" | xargs)

docs/content/en/docs/installation-configuration/authentication.md Outdated Show resolved Hide resolved
examples/docs/auth/go.mod Outdated Show resolved Hide resolved
examples/docs/auth/main.go Outdated Show resolved Hide resolved
examples/docs/auth/main.go Outdated Show resolved Hide resolved
examples/docs/auth/readme.adoc Outdated Show resolved Hide resolved
MaartendeKruijf
MaartendeKruijf requested changes Dec 19, 2024
View reviewed changes
docs/content/en/docs/concepts/executable-playbooks.md
@@ -12,7 +12,7 @@ resources:
SOARCA is build on top of the [CACAO Security Playbook Version 2.0](https://docs.oasis-open.org/cacao/security-playbooks/v2.0/cs01/security-playbooks-v2.0-cs01.html) standard.

{{% alert title="Warning" color="warning" %}}
SOARCA v1.0 only implements a part of the CACAO v2 spec. Only `start`, `end`, and `action` steps are supported at this time.
SOARCA v1.0 only implements a part of the CACAO v2 spec. Only `start`, `end`, `action`, and `if/else` steps are supported at this time.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not correct

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MaartendeKruijf what is correct then?

docs/content/en/docs/getting-started/_index.md Outdated Show resolved Hide resolved
@RabbITCybErSeC RabbITCybErSeC merged commit fe560ac into development Dec 19, 2024
10 checks passed
@RabbITCybErSeC RabbITCybErSeC deleted the feature/docs/281-add-documentation-on-advanced-installation-and-configuration branch December 19, 2024 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MaartendeKruijf MaartendeKruijf MaartendeKruijf approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@RabbITCybErSeC @MaartendeKruijf