diff --git a/.secrets.baseline b/.secrets.baseline index 007d3401e..de0a7487d 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -351,6 +351,71 @@ "line_number": 84 } ], + "gen3/lib/testData/default/expectedFenceResult.yaml": [ + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 68 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 71 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 74 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 84 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 87 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 90 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 93 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "0849046cdafcdb17f5a4bf5c528430d5e04ad295", + "is_verified": false, + "line_number": 96 + }, + { + "type": "Secret Keyword", + "filename": "gen3/lib/testData/default/expectedFenceResult.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 99 + } + ], "gen3/lib/testData/default/expectedSheepdogResult.yaml": [ { "type": "Secret Keyword", @@ -570,6 +635,43 @@ "line_number": 87 } ], + "kube/services/argo/workflows/fence-usersync-wf.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/argo/workflows/fence-usersync-wf.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 108 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/argo/workflows/fence-usersync-wf.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 111 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/argo/workflows/fence-usersync-wf.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 114 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/argo/workflows/fence-usersync-wf.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 117 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/argo/workflows/fence-usersync-wf.yaml", + "hashed_secret": "ea73fcfdaa415890d5fde24d3b2245671be32f73", + "is_verified": false, + "line_number": 120 + } + ], "kube/services/argocd/values.yaml": [ { "type": "Secret Keyword", @@ -640,445 +742,1516 @@ "line_number": 23 } ], - "kube/services/frontend-framework/frontend-framework-deploy.yaml": [ + "kube/services/datasim/datasim-deploy.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/datasim/datasim-deploy.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 55 + "line_number": 63 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", - "hashed_secret": "6607b403f74e62246fc6a3c938feffc5a34a7e49", + "filename": "kube/services/datasim/datasim-deploy.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, - "line_number": 58 + "line_number": 66 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", - "hashed_secret": "4b0bb3e58651fe56ee23e59aa6a3cb96dc61ddd2", + "filename": "kube/services/datasim/datasim-deploy.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 61 + "line_number": 72 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", - "hashed_secret": "e3c7565314f404e3883929f003c65a02a80366e9", + "filename": "kube/services/datasim/datasim-deploy.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 67 + "line_number": 76 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/datasim/datasim-deploy.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 79 } ], - "kube/services/frontend-framework/frontend-framework-root-deploy.yaml": [ + "kube/services/fence/fence-canary-deploy.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 55 + "line_number": 68 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", - "hashed_secret": "6607b403f74e62246fc6a3c938feffc5a34a7e49", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 58 + "line_number": 71 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", - "hashed_secret": "4b0bb3e58651fe56ee23e59aa6a3cb96dc61ddd2", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, - "line_number": 61 + "line_number": 74 }, { "type": "Secret Keyword", - "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", - "hashed_secret": "e3c7565314f404e3883929f003c65a02a80366e9", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 67 - } - ], - "kube/services/gdcapi/gdcapi-deploy.yaml": [ + "line_number": 84 + }, { "type": "Secret Keyword", - "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", - "hashed_secret": "e8c2f0bacaffbf2f9897217c6770413879945296", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 38 + "line_number": 87 }, { "type": "Secret Keyword", - "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", - "hashed_secret": "517cded9f3e3ab79237fde330b97a93f5a943316", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 41 + "line_number": 90 }, { "type": "Secret Keyword", - "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", "is_verified": false, - "line_number": 44 - } - ], - "kube/services/gen3-discovery-ai/gen3-discovery-ai-deploy.yaml": [ + "line_number": 93 + }, { "type": "Secret Keyword", - "filename": "kube/services/gen3-discovery-ai/gen3-discovery-ai-deploy.yaml", - "hashed_secret": "38ded89f83435a558169dedb91a38f72d6cebf41", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "0849046cdafcdb17f5a4bf5c528430d5e04ad295", "is_verified": false, - "line_number": 27 + "line_number": 96 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/fence/fence-canary-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 99 } ], - "kube/services/indexd/indexd-canary-deploy.yaml": [ + "kube/services/fenceshib/fenceshib-canary-deploy.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/indexd/indexd-canary-deploy.yaml", - "hashed_secret": "0b701c1fabb6ba47a7d47d455e3696d207014bd3", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 59 + "line_number": 62 }, { "type": "Secret Keyword", - "filename": "kube/services/indexd/indexd-canary-deploy.yaml", - "hashed_secret": "aee98a99696237d70b6854ee4c2d9e42bc696039", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 62 + "line_number": 65 }, { "type": "Secret Keyword", - "filename": "kube/services/indexd/indexd-canary-deploy.yaml", - "hashed_secret": "bdecca54d39013d43d3b7f05f2927eaa7df375dc", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, "line_number": 68 }, { "type": "Secret Keyword", - "filename": "kube/services/indexd/indexd-canary-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 71 - } - ], - "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml": [ + "line_number": 78 + }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml", - "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 143 + "line_number": 81 }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 146 - } - ], - "kube/services/jenkins/jenkins-deploy.yaml": [ + "line_number": 84 + }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins/jenkins-deploy.yaml", - "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", "is_verified": false, - "line_number": 144 + "line_number": 87 }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins/jenkins-deploy.yaml", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", + "hashed_secret": "0849046cdafcdb17f5a4bf5c528430d5e04ad295", + "is_verified": false, + "line_number": 90 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/fenceshib/fenceshib-canary-deploy.yaml", "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", "is_verified": false, - "line_number": 147 + "line_number": 93 } ], - "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml": [ + "kube/services/fenceshib/fenceshib-deploy.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml", - "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 143 + "line_number": 69 }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 146 - } - ], - "kube/services/jenkins2/jenkins2-deploy.yaml": [ + "line_number": 72 + }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins2/jenkins2-deploy.yaml", - "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, - "line_number": 140 + "line_number": 75 }, { "type": "Secret Keyword", - "filename": "kube/services/jenkins2/jenkins2-deploy.yaml", - "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 143 - } - ], - "kube/services/jobs/arborist-rm-expired-access-cronjob.yaml": [ + "line_number": 85 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/arborist-rm-expired-access-cronjob.yaml", - "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 37 - } - ], - "kube/services/jobs/arborist-rm-expired-access-job.yaml": [ + "line_number": 88 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/arborist-rm-expired-access-job.yaml", - "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 37 - } - ], - "kube/services/jobs/arboristdb-create-job.yaml": [ + "line_number": 91 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/arboristdb-create-job.yaml", - "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", "is_verified": false, - "line_number": 33 - } - ], - "kube/services/jobs/aws-bucket-replicate-job.yaml": [ + "line_number": 94 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", - "hashed_secret": "deb02468778f4041fb189654698ac948e436732d", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "0849046cdafcdb17f5a4bf5c528430d5e04ad295", "is_verified": false, - "line_number": 33 + "line_number": 97 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", - "hashed_secret": "abe72fcb190ed9c73eb20e198c73a97605b95063", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", "is_verified": false, - "line_number": 36 + "line_number": 100 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", - "hashed_secret": "ca3cdac59f2bfa45cb014190e4509bf6becf28fb", + "filename": "kube/services/fenceshib/fenceshib-deploy.yaml", + "hashed_secret": "6c4789c3be186fd5dcbf06723462ccdd2c86dc37", + "is_verified": false, + "line_number": 103 + } + ], + "kube/services/frontend-framework/frontend-framework-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 55 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", + "hashed_secret": "6607b403f74e62246fc6a3c938feffc5a34a7e49", + "is_verified": false, + "line_number": 58 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", + "hashed_secret": "4b0bb3e58651fe56ee23e59aa6a3cb96dc61ddd2", + "is_verified": false, + "line_number": 61 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-deploy.yaml", + "hashed_secret": "e3c7565314f404e3883929f003c65a02a80366e9", + "is_verified": false, + "line_number": 67 + } + ], + "kube/services/frontend-framework/frontend-framework-root-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 55 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", + "hashed_secret": "6607b403f74e62246fc6a3c938feffc5a34a7e49", + "is_verified": false, + "line_number": 58 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", + "hashed_secret": "4b0bb3e58651fe56ee23e59aa6a3cb96dc61ddd2", + "is_verified": false, + "line_number": 61 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/frontend-framework/frontend-framework-root-deploy.yaml", + "hashed_secret": "e3c7565314f404e3883929f003c65a02a80366e9", + "is_verified": false, + "line_number": 67 + } + ], + "kube/services/gdcapi/gdcapi-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", + "hashed_secret": "e8c2f0bacaffbf2f9897217c6770413879945296", + "is_verified": false, + "line_number": 38 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", + "hashed_secret": "517cded9f3e3ab79237fde330b97a93f5a943316", + "is_verified": false, + "line_number": 41 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/gdcapi/gdcapi-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 44 + } + ], + "kube/services/gen3-discovery-ai/gen3-discovery-ai-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/gen3-discovery-ai/gen3-discovery-ai-deploy.yaml", + "hashed_secret": "38ded89f83435a558169dedb91a38f72d6cebf41", + "is_verified": false, + "line_number": 27 + } + ], + "kube/services/google-sa-validation/google-sa-validation-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 57 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 63 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 67 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 70 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 73 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 76 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "0849046cdafcdb17f5a4bf5c528430d5e04ad295", + "is_verified": false, + "line_number": 79 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/google-sa-validation/google-sa-validation-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 82 + } + ], + "kube/services/indexd/indexd-canary-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/indexd/indexd-canary-deploy.yaml", + "hashed_secret": "0b701c1fabb6ba47a7d47d455e3696d207014bd3", + "is_verified": false, + "line_number": 59 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/indexd/indexd-canary-deploy.yaml", + "hashed_secret": "aee98a99696237d70b6854ee4c2d9e42bc696039", + "is_verified": false, + "line_number": 62 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/indexd/indexd-canary-deploy.yaml", + "hashed_secret": "bdecca54d39013d43d3b7f05f2927eaa7df375dc", + "is_verified": false, + "line_number": 68 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/indexd/indexd-canary-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 71 + } + ], + "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml", + "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "is_verified": false, + "line_number": 143 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins-ci-worker/jenkins-ci-worker-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 146 + } + ], + "kube/services/jenkins/jenkins-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins/jenkins-deploy.yaml", + "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "is_verified": false, + "line_number": 144 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins/jenkins-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 147 + } + ], + "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml", + "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "is_verified": false, + "line_number": 143 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins2-ci-worker/jenkins2-ci-worker-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 146 + } + ], + "kube/services/jenkins2/jenkins2-deploy.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins2/jenkins2-deploy.yaml", + "hashed_secret": "c937b6fbb346a51ef679dd02ac5c4863e02bfdbf", + "is_verified": false, + "line_number": 140 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jenkins2/jenkins2-deploy.yaml", + "hashed_secret": "9ce05cf6168d15dfe02aac9ca9e0712c19c9436d", + "is_verified": false, + "line_number": 143 + } + ], + "kube/services/jobs/arborist-rm-expired-access-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/arborist-rm-expired-access-cronjob.yaml", + "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "is_verified": false, + "line_number": 37 + } + ], + "kube/services/jobs/arborist-rm-expired-access-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/arborist-rm-expired-access-job.yaml", + "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "is_verified": false, + "line_number": 37 + } + ], + "kube/services/jobs/arboristdb-create-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/arboristdb-create-job.yaml", + "hashed_secret": "6c57cdfdaaf3cde7a1da6aa94c7d8e46502c4bab", + "is_verified": false, + "line_number": 33 + } + ], + "kube/services/jobs/aws-bucket-replicate-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", + "hashed_secret": "deb02468778f4041fb189654698ac948e436732d", + "is_verified": false, + "line_number": 33 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", + "hashed_secret": "abe72fcb190ed9c73eb20e198c73a97605b95063", + "is_verified": false, + "line_number": 36 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/aws-bucket-replicate-job.yaml", + "hashed_secret": "ca3cdac59f2bfa45cb014190e4509bf6becf28fb", + "is_verified": false, + "line_number": 42 + } + ], + "kube/services/jobs/bucket-manifest-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/bucket-manifest-job.yaml", + "hashed_secret": "6c36710fe8825b381388d7005f2c9b5c70175fba", + "is_verified": false, + "line_number": 33 + } + ], + "kube/services/jobs/bucket-replicate-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/bucket-replicate-job.yaml", + "hashed_secret": "84954f7729144580d612cbb0517aeca8880e3483", + "is_verified": false, + "line_number": 46 + } + ], + "kube/services/jobs/bucket-replication-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/bucket-replication-job.yaml", + "hashed_secret": "84954f7729144580d612cbb0517aeca8880e3483", + "is_verified": false, + "line_number": 32 + } + ], + "kube/services/jobs/bucket-size-report-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/bucket-size-report-job.yaml", + "hashed_secret": "7cccf62cb63863d9d3baabed4f576eb0f7039735", + "is_verified": false, + "line_number": 34 + } + ], + "kube/services/jobs/cedar-ingestion-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/cedar-ingestion-job.yaml", + "hashed_secret": "e1c426d126dcc618dcd0686fc718d509ca6ee3b8", + "is_verified": false, + "line_number": 54 + } + ], + "kube/services/jobs/client-modify-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 41 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 44 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 50 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 57 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/client-modify-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 60 + } + ], + "kube/services/jobs/cogwheel-register-client-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/cogwheel-register-client-job.yaml", + "hashed_secret": "09b772df628fd10bca646b6a877eb661122210ab", + "is_verified": false, + "line_number": 40 + } + ], + "kube/services/jobs/config-fence-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/config-fence-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 44 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/config-fence-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/config-fence-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 57 + } + ], + "kube/services/jobs/covid19-etl-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/covid19-etl-job.yaml", + "hashed_secret": "a7a2b42615b2b256a7c601c77c426e5d6cafb212", + "is_verified": false, + "line_number": 34 + } + ], + "kube/services/jobs/covid19-notebook-etl-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/covid19-notebook-etl-job.yaml", + "hashed_secret": "a7a2b42615b2b256a7c601c77c426e5d6cafb212", + "is_verified": false, + "line_number": 33 + } + ], + "kube/services/jobs/data-ingestion-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "81e4388059839f71aed21999aa51095c7e545094", + "is_verified": false, + "line_number": 34 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 48 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 51 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 60 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 63 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/data-ingestion-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 66 + } + ], + "kube/services/jobs/etl-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/etl-cronjob.yaml", + "hashed_secret": "ca253d1c9dece2da0d6fb24ded7bdb849a475966", + "is_verified": false, + "line_number": 38 + } + ], + "kube/services/jobs/etl-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/etl-job.yaml", + "hashed_secret": "ca253d1c9dece2da0d6fb24ded7bdb849a475966", + "is_verified": false, + "line_number": 35 + } + ], + "kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 43 + } + ], + "kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 36 + } + ], + "kube/services/jobs/fence-db-migrate-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-db-migrate-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 36 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-db-migrate-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 39 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-db-migrate-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 42 + } + ], + "kube/services/jobs/fence-delete-expired-clients-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-delete-expired-clients-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 38 + } + ], + "kube/services/jobs/fence-visa-update-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 42 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 45 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 48 + } + ], + "kube/services/jobs/fence-visa-update-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 36 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 39 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fence-visa-update-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 42 + } + ], + "kube/services/jobs/fencedb-create-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/fencedb-create-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 33 + } + ], + "kube/services/jobs/gdcdb-create-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gdcdb-create-job.yaml", + "hashed_secret": "79496491225eda4a7be9fcddee2825c85b1535cc", + "is_verified": false, + "line_number": 33 + } + ], + "kube/services/jobs/gen3qa-check-bucket-access-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gen3qa-check-bucket-access-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 177 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gen3qa-check-bucket-access-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 180 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gen3qa-check-bucket-access-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 186 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gen3qa-check-bucket-access-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 190 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gen3qa-check-bucket-access-job.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 193 + } + ], + "kube/services/jobs/gentestdata-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gentestdata-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 67 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gentestdata-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 70 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gentestdata-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 76 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gentestdata-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 80 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/gentestdata-job.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 83 + } + ], + "kube/services/jobs/google-bucket-manifest-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-bucket-manifest-job.yaml", + "hashed_secret": "5ca8fff7767e5dd6ebed80e2c8eab66d6f3bf5eb", + "is_verified": false, + "line_number": 31 + } + ], + "kube/services/jobs/google-bucket-replicate-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", + "hashed_secret": "b6f0ec0b08da77656ced48427841e28d7a8a81d6", + "is_verified": false, + "line_number": 35 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", + "hashed_secret": "abe72fcb190ed9c73eb20e198c73a97605b95063", + "is_verified": false, + "line_number": 38 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", + "hashed_secret": "ca3cdac59f2bfa45cb014190e4509bf6becf28fb", + "is_verified": false, + "line_number": 41 + } + ], + "kube/services/jobs/google-create-bucket-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 78 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 81 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 84 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 91 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 94 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-create-bucket-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 97 + } + ], + "kube/services/jobs/google-delete-expired-access-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 43 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 46 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 49 + } + ], + "kube/services/jobs/google-delete-expired-access-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 36 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 39 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-access-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, "line_number": 42 } ], - "kube/services/jobs/bucket-manifest-job.yaml": [ + "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 48 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 51 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 57 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 61 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 64 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 67 + } + ], + "kube/services/jobs/google-delete-expired-service-account-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 40 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 43 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 49 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 53 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 56 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-delete-expired-service-account-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 59 + } + ], + "kube/services/jobs/google-init-proxy-groups-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 48 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 51 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 61 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 64 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 67 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-cronjob.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 70 + } + ], + "kube/services/jobs/google-init-proxy-groups-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 40 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 43 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 46 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 53 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 56 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 59 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-init-proxy-groups-job.yaml", + "hashed_secret": "98f5a68541a6d981bf5825f23dffe6a0b150e457", + "is_verified": false, + "line_number": 62 + } + ], + "kube/services/jobs/google-manage-account-access-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 48 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 51 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 54 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 61 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 64 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 67 + } + ], + "kube/services/jobs/google-manage-account-access-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 40 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 43 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 46 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 53 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/bucket-manifest-job.yaml", - "hashed_secret": "6c36710fe8825b381388d7005f2c9b5c70175fba", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 33 - } - ], - "kube/services/jobs/bucket-replicate-job.yaml": [ + "line_number": 56 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/bucket-replicate-job.yaml", - "hashed_secret": "84954f7729144580d612cbb0517aeca8880e3483", + "filename": "kube/services/jobs/google-manage-account-access-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 46 + "line_number": 59 } ], - "kube/services/jobs/bucket-replication-job.yaml": [ + "kube/services/jobs/google-manage-keys-cronjob.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/jobs/bucket-replication-job.yaml", - "hashed_secret": "84954f7729144580d612cbb0517aeca8880e3483", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 32 - } - ], - "kube/services/jobs/bucket-size-report-job.yaml": [ + "line_number": 48 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/bucket-size-report-job.yaml", - "hashed_secret": "7cccf62cb63863d9d3baabed4f576eb0f7039735", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 34 - } - ], - "kube/services/jobs/cedar-ingestion-job.yaml": [ + "line_number": 51 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/cedar-ingestion-job.yaml", - "hashed_secret": "e1c426d126dcc618dcd0686fc718d509ca6ee3b8", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, "line_number": 54 - } - ], - "kube/services/jobs/cogwheel-register-client-job.yaml": [ + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/cogwheel-register-client-job.yaml", - "hashed_secret": "09b772df628fd10bca646b6a877eb661122210ab", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 40 - } - ], - "kube/services/jobs/config-fence-job.yaml": [ + "line_number": 61 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/config-fence-job.yaml", - "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 44 + "line_number": 64 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/config-fence-job.yaml", + "filename": "kube/services/jobs/google-manage-keys-cronjob.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 67 + } + ], + "kube/services/jobs/google-manage-keys-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 54 + "line_number": 40 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/config-fence-job.yaml", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 57 - } - ], - "kube/services/jobs/covid19-etl-job.yaml": [ + "line_number": 43 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/covid19-etl-job.yaml", - "hashed_secret": "a7a2b42615b2b256a7c601c77c426e5d6cafb212", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, - "line_number": 34 - } - ], - "kube/services/jobs/covid19-notebook-etl-job.yaml": [ + "line_number": 46 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/covid19-notebook-etl-job.yaml", - "hashed_secret": "a7a2b42615b2b256a7c601c77c426e5d6cafb212", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 33 - } - ], - "kube/services/jobs/data-ingestion-job.yaml": [ + "line_number": 53 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", - "hashed_secret": "81e4388059839f71aed21999aa51095c7e545094", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 34 + "line_number": 56 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", - "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "filename": "kube/services/jobs/google-manage-keys-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 59 + } + ], + "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, "line_number": 48 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", - "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, "line_number": 51 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", - "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, "line_number": 54 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 60 + "line_number": 61 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 63 + "line_number": 64 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/data-ingestion-job.yaml", + "filename": "kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml", "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 66 - } - ], - "kube/services/jobs/etl-cronjob.yaml": [ - { - "type": "Secret Keyword", - "filename": "kube/services/jobs/etl-cronjob.yaml", - "hashed_secret": "ca253d1c9dece2da0d6fb24ded7bdb849a475966", - "is_verified": false, - "line_number": 38 + "line_number": 67 } ], - "kube/services/jobs/etl-job.yaml": [ + "kube/services/jobs/google-verify-bucket-access-group-job.yaml": [ { "type": "Secret Keyword", - "filename": "kube/services/jobs/etl-job.yaml", - "hashed_secret": "ca253d1c9dece2da0d6fb24ded7bdb849a475966", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", "is_verified": false, - "line_number": 35 - } - ], - "kube/services/jobs/gdcdb-create-job.yaml": [ + "line_number": 40 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/gdcdb-create-job.yaml", - "hashed_secret": "79496491225eda4a7be9fcddee2825c85b1535cc", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", "is_verified": false, - "line_number": 33 - } - ], - "kube/services/jobs/google-bucket-manifest-job.yaml": [ + "line_number": 43 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/google-bucket-manifest-job.yaml", - "hashed_secret": "5ca8fff7767e5dd6ebed80e2c8eab66d6f3bf5eb", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", "is_verified": false, - "line_number": 31 - } - ], - "kube/services/jobs/google-bucket-replicate-job.yaml": [ + "line_number": 46 + }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", - "hashed_secret": "b6f0ec0b08da77656ced48427841e28d7a8a81d6", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", "is_verified": false, - "line_number": 35 + "line_number": 53 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", - "hashed_secret": "abe72fcb190ed9c73eb20e198c73a97605b95063", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", "is_verified": false, - "line_number": 38 + "line_number": 56 }, { "type": "Secret Keyword", - "filename": "kube/services/jobs/google-bucket-replicate-job.yaml", - "hashed_secret": "ca3cdac59f2bfa45cb014190e4509bf6becf28fb", + "filename": "kube/services/jobs/google-verify-bucket-access-group-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", "is_verified": false, - "line_number": 41 + "line_number": 59 } ], "kube/services/jobs/graph-create-job.yaml": [ @@ -1223,6 +2396,108 @@ "line_number": 44 } ], + "kube/services/jobs/usersync-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 64 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 67 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 70 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 77 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 80 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 83 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/usersync-job.yaml", + "hashed_secret": "ea73fcfdaa415890d5fde24d3b2245671be32f73", + "is_verified": false, + "line_number": 86 + } + ], + "kube/services/jobs/useryaml-job.yaml": [ + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "dbd5f43594a152b52261c8e21520a3989823fe55", + "is_verified": false, + "line_number": 40 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "1c062eaac9e6fa0766377d3cfc3e4a88982fecdb", + "is_verified": false, + "line_number": 43 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "694cfd0a009a42055e975de9111b2f3c6e8a3634", + "is_verified": false, + "line_number": 46 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "4b09a441cef18c75560f6c3caeafc96f2163c3fd", + "is_verified": false, + "line_number": 53 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "7e7478a28dcc3695a083b66b47243b050c813e2d", + "is_verified": false, + "line_number": 56 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "2f57bb00fcb93481c2be444e3e9f322b6cb5fadb", + "is_verified": false, + "line_number": 59 + }, + { + "type": "Secret Keyword", + "filename": "kube/services/jobs/useryaml-job.yaml", + "hashed_secret": "ea73fcfdaa415890d5fde24d3b2245671be32f73", + "is_verified": false, + "line_number": 65 + } + ], "kube/services/kayako-wrapper/kayako-wrapper-deploy.yaml": [ { "type": "Secret Keyword", diff --git a/gen3/bin/api.sh b/gen3/bin/api.sh index 5e816d604..4a11c0b7c 100644 --- a/gen3/bin/api.sh +++ b/gen3/bin/api.sh @@ -68,9 +68,7 @@ gen3_access_token() { if [ "$skip_cache" != "true" ]; then gen3_access_token_from_cache "$username" && return 0 fi - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create token-create --scopes openid,user,fence,data,credentials,google_service_account --type access_token --exp ${exp} --username ${username} | tail -1 | gen3_access_token_to_cache "$username" || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create token-create --scopes openid,user,fence,data,credentials,google_service_account --type access_token --exp ${exp} --username ${username} | tail -1 | gen3_access_token_to_cache "$username" + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create token-create --scopes openid,user,fence,data,credentials,google_service_account --type access_token --exp ${exp} --username ${username} | tail -1 | gen3_access_token_to_cache "$username" } # diff --git a/gen3/bin/dcf.sh b/gen3/bin/dcf.sh index 114fc00c5..cc4481281 100644 --- a/gen3/bin/dcf.sh +++ b/gen3/bin/dcf.sh @@ -218,14 +218,9 @@ create_gs_bucket() { echo "Start creating gs bucket ...." if [[ $public == "controlled" ]]; then - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - g3kubectl exec -c fence $(get_pod fence) -- fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public False --project-auth-id $phsid --access-logs-bucket dcf-logs || \ - g3kubectl exec -c fence $(get_pod fence) -- poetry run fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public False --project-auth-id $phsid --access-logs-bucket dcf-logs - + g3kubectl exec -c fence $(get_pod fence) -- fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public False --project-auth-id $phsid --access-logs-bucket dcf-logs elif [[ $public == "public" ]]; then - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - g3kubectl exec -c fence $(get_pod fence) -- fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public True --access-logs-bucket dcf-logs || \ - g3kubectl exec -c fence $(get_pod fence) -- poetry run fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public True --access-logs-bucket dcf-logs + g3kubectl exec -c fence $(get_pod fence) -- fence-create google-bucket-create --unique-name $bucket_name --storage-class MULTI_REGIONAL --public True --access-logs-bucket dcf-logs else echo "Can not create the bucket. $public is not supported" exit 1 diff --git a/gen3/bin/kube-setup-apache-guacamole.sh b/gen3/bin/kube-setup-apache-guacamole.sh index eac12e58e..31193c526 100644 --- a/gen3/bin/kube-setup-apache-guacamole.sh +++ b/gen3/bin/kube-setup-apache-guacamole.sh @@ -11,21 +11,12 @@ export namespace=$(gen3 api namespace) new_client() { gen3_log_info "kube-setup-apache-guacamole" "creating fence oidc client for Apache Guacamole" local fence_client="guacamole" - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1 - ) + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', None) ]]; then # try delete client - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client $fence_client > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client $fence_client > /dev/null 2>&1 - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1 - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client $fence_client > /dev/null 2>&1 + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client $fence_client --urls https://${hostname}/guac/guacamole/#/ --username guacamole --auto-approve --public --external --allowed-scopes openid profile email user | tail -1) if [[ ! $secrets =~ (\'(.*)\', None) ]]; then gen3_log_err "kube-setup-apache-guacamole" "Failed generating oidc client for guacamole: $secrets" return 1 diff --git a/gen3/bin/kube-setup-cedar-wrapper.sh b/gen3/bin/kube-setup-cedar-wrapper.sh index d0586fdd5..a56bebc40 100644 --- a/gen3/bin/kube-setup-cedar-wrapper.sh +++ b/gen3/bin/kube-setup-cedar-wrapper.sh @@ -5,15 +5,9 @@ create_client_and_secret() { local hostname=$(gen3 api hostname) local client_name="cedar_ingest_client" gen3_log_info "kube-setup-cedar-wrapper" "creating fence ${client_name} for $hostname" - -# Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. # delete any existing fence cedar clients - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client ${client_name} > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client ${client_name} > /dev/null 2>&1 - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client ${client_name} --grant-types client_credentials | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client ${client_name} --grant-types client_credentials | tail -1 - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client ${client_name} > /dev/null 2>&1 + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client ${client_name} --grant-types client_credentials | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-cedar-wrapper" "Failed generating ${client_name}" @@ -42,10 +36,7 @@ setup_creds() { fi local client_name="cedar_ingest_client" - local client_list=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-list) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-list - ) + local client_list=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-list) local client_count=$(echo "$client_list=" | grep -cE "'name':.*'${client_name}'") gen3_log_info "CEDAR client count = ${client_count}" diff --git a/gen3/bin/kube-setup-metadata-delete-expired-objects-cronjob.sh b/gen3/bin/kube-setup-metadata-delete-expired-objects-cronjob.sh index 0e2699080..1879dc8dc 100644 --- a/gen3/bin/kube-setup-metadata-delete-expired-objects-cronjob.sh +++ b/gen3/bin/kube-setup-metadata-delete-expired-objects-cronjob.sh @@ -12,22 +12,12 @@ setup_config() { if [[ ! -f "$secretsFolder/config.json" ]]; then local hostname=$(gen3 api hostname) gen3_log_info "kube-setup-metadata-delete-expired-objects-job" "creating fence oidc client for $hostname" - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1 - - ) + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then # try delete client - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client metadata-delete-expired-objects-job > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client metadata-delete-expired-objects-job > /dev/null 2>&1 - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1 - - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client metadata-delete-expired-objects-job > /dev/null 2>&1 + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client metadata-delete-expired-objects-job --grant-types client_credentials | tail -1) if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-metadata-delete-expired-objects-job" "Failed generating oidc client: $secrets" return 1 diff --git a/gen3/bin/kube-setup-ohdsi.sh b/gen3/bin/kube-setup-ohdsi.sh index b32069c36..3d8165547 100644 --- a/gen3/bin/kube-setup-ohdsi.sh +++ b/gen3/bin/kube-setup-ohdsi.sh @@ -11,13 +11,7 @@ export namespace=$(gen3 api namespace) new_client() { atlas_hostname="atlas.${hostname}" gen3_log_info "kube-setup-ohdsi" "creating fence oidc client for $atlas_hostname" - - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client atlas --urls https://${atlas_hostname}/WebAPI/user/oauth/callback?client_name=OidcClient --username atlas --allowed-scopes openid profile email user | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client atlas --urls https://${atlas_hostname}/WebAPI/user/oauth/callback?client_name=OidcClient --username atlas --allowed-scopes openid profile email user | tail -1 - - ) + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client atlas --urls https://${atlas_hostname}/WebAPI/user/oauth/callback?client_name=OidcClient --username atlas --allowed-scopes openid profile email user | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-ohdsi" "Failed generating oidc client for atlas: $secrets" diff --git a/gen3/bin/kube-setup-pelicanjob.sh b/gen3/bin/kube-setup-pelicanjob.sh index 030610150..907b9f045 100644 --- a/gen3/bin/kube-setup-pelicanjob.sh +++ b/gen3/bin/kube-setup-pelicanjob.sh @@ -28,20 +28,12 @@ if ! g3kubectl describe secret pelicanservice-g3auto | grep config.json > /dev/n # setup fence OIDC client with client_credentials grant for access to MDS API hostname=$(gen3 api hostname) gen3_log_info "kube-setup-sower-jobs" "creating fence oidc client for $hostname" - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1 - ) + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then # try delete client - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client pelican-export-job > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client pelican-export-job > /dev/null 2>&1 - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1 - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client pelican-export-job > /dev/null 2>&1 + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client pelican-export-job --grant-types client_credentials | tail -1) if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-sower-jobs" "Failed generating oidc client: $secrets" return 1 diff --git a/gen3/bin/kube-setup-superset.sh b/gen3/bin/kube-setup-superset.sh index 04cefb64d..0f1219695 100644 --- a/gen3/bin/kube-setup-superset.sh +++ b/gen3/bin/kube-setup-superset.sh @@ -8,20 +8,12 @@ new_client() { local hostname=$(gen3 api hostname) superset_hostname="superset.${hostname}" gen3_log_info "kube-setup-superset" "creating fence oidc client for $superset_hostname" - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1 - ) + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then # try delete client - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client superset > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client superset > /dev/null 2>&1 - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1) 2>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1 - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client superset > /dev/null 2>&1 + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client superset --urls https://${superset_hostname}/oauth-authorized/fence --username superset | tail -1) if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-superset" "Failed generating oidc client for superset: $secrets" return 1 diff --git a/gen3/bin/kube-setup-wts.sh b/gen3/bin/kube-setup-wts.sh index a2f1608cf..ad8211d03 100644 --- a/gen3/bin/kube-setup-wts.sh +++ b/gen3/bin/kube-setup-wts.sh @@ -14,20 +14,12 @@ gen3_load "gen3/lib/kube-setup-init" new_client() { local hostname=$(gen3 api hostname) gen3_log_info "kube-setup-wts" "creating fence oidc client for $hostname" - # Adding a fallback to `poetry run fence-create` to cater to fence containers with amazon linux. - local secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1) 1>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1 - ) + local secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1) # secrets looks like ('CLIENT_ID', 'CLIENT_SECRET') if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then # try delete client - g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client wts > /dev/null 2>&1 || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-delete --client wts > /dev/null 2>&1 - secrets=$( - (g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1) 1>/dev/null || \ - g3kubectl exec -c fence $(gen3 pod fence) -- poetry run fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1 - ) + g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-delete --client wts > /dev/null 2>&1 + secrets=$(g3kubectl exec -c fence $(gen3 pod fence) -- fence-create client-create --client wts --urls "https://${hostname}/wts/oauth2/authorize" --username wts --auto-approve | tail -1) if [[ ! $secrets =~ (\'(.*)\', \'(.*)\') ]]; then gen3_log_err "kube-setup-wts" "Failed generating oidc client for workspace token service: $secrets" return 1 diff --git a/gen3/lib/testData/default/expectedFenceResult.yaml b/gen3/lib/testData/default/expectedFenceResult.yaml index 85646a8fd..98c360531 100644 --- a/gen3/lib/testData/default/expectedFenceResult.yaml +++ b/gen3/lib/testData/default/expectedFenceResult.yaml @@ -219,7 +219,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrun.bash && if [[ -f /dockerrun.sh ]]; then /dockerrun.sh; fi initContainers: - name: fence-init @@ -256,11 +256,11 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - if (fence-create migrate --help || poetry run fence-create migrate --help) > /dev/null 2>&1; then + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + if fence-create migrate --help > /dev/null 2>&1; then if ! grep -E 'ENABLE_DB_MIGRATION"?: *false' /var/www/fence/fence-config.yaml; then echo "Running db migration: fence-create migrate" - fence-create migrate || poetry run fence-create migrate + fence-create migrate else echo "Db migration disabled in fence-config" fi diff --git a/gen3/lib/testData/test1.manifest.g3k/expectedFenceResult.yaml b/gen3/lib/testData/test1.manifest.g3k/expectedFenceResult.yaml index 3fe1defaa..68d8cb3d8 100644 --- a/gen3/lib/testData/test1.manifest.g3k/expectedFenceResult.yaml +++ b/gen3/lib/testData/test1.manifest.g3k/expectedFenceResult.yaml @@ -225,7 +225,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrun.bash && if [[ -f /dockerrun.sh ]]; then bash /dockerrun.sh; fi initContainers: - name: fence-init @@ -262,12 +262,12 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - if (fence-create migrate --help || poetry run fence-create migrate --help) > /dev/null 2>&1; then + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + if fence-create migrate --help > /dev/null 2>&1; then if ! grep -E 'ENABLE_DB_MIGRATION"?: *false' /var/www/fence/fence-config.yaml; then echo "Running db migration: fence-create migrate" cd /fence - fence-create migrate || poetry run fence-create migrate + fence-create migrate else echo "Db migration disabled in fence-config" fi diff --git a/kube/services/argo/workflows/fence-usersync-wf.yaml b/kube/services/argo/workflows/fence-usersync-wf.yaml index c2217460a..d7f56a2ce 100644 --- a/kube/services/argo/workflows/fence-usersync-wf.yaml +++ b/kube/services/argo/workflows/fence-usersync-wf.yaml @@ -204,7 +204,7 @@ spec: echo "${ADD_DBGAP}" echo "${ONLY_DBGAP}" echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf let count=0 while [[ ! -f /mnt/shared/user.yaml && $count -lt 50 ]]; do @@ -215,10 +215,7 @@ spec: if [[ "$SYNC_FROM_DBGAP" != True && "$ADD_DBGAP" != "true" ]]; then if [[ -f /mnt/shared/user.yaml ]]; then echo "running fence-create" - time ( - fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml || \ - poetry run fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml - ) + time fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml else echo "/mnt/shared/user.yaml did not appear within timeout :-(" false # non-zero exit code @@ -228,16 +225,10 @@ spec: output=$(mktemp "/tmp/fence-create-output_XXXXXX") if [[ -f /mnt/shared/user.yaml && "$ONLY_DBGAP" != "true" ]]; then echo "Running fence-create dbgap-sync with user.yaml - see $output" - time ( - fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" || \ - poetry run fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" - ) + time fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" else echo "Running fence-create dbgap-sync without user.yaml - see $output" - time ( - fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" || \ - poetry run fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" - ) + time fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" fi exitcode="${PIPESTATUS[0]}" echo "$output" diff --git a/kube/services/datasim/datasim-deploy.yaml b/kube/services/datasim/datasim-deploy.yaml index 4e20a8be0..0f6f21d68 100644 --- a/kube/services/datasim/datasim-deploy.yaml +++ b/kube/services/datasim/datasim-deploy.yaml @@ -171,7 +171,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [ -f /fence/jwt-keys.tar ]; then cd /fence tar xvf jwt-keys.tar @@ -188,10 +188,7 @@ spec: sleepTime=10 # retry loop while [[ $count -lt 3 && $success == false ]]; do - if ( - fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp 36000 || \ - poetry run fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp 36000 - ) > "$tempFile"; then + if fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp 36000 > "$tempFile"; then echo "fence-create success!" tail -1 "$tempFile" > /mnt/shared/access_token.txt # base64 --decode complains about invalid characters - don't know why diff --git a/kube/services/fence/fence-canary-deploy.yaml b/kube/services/fence/fence-canary-deploy.yaml index cd7125d8b..513a1a998 100644 --- a/kube/services/fence/fence-canary-deploy.yaml +++ b/kube/services/fence/fence-canary-deploy.yaml @@ -201,5 +201,5 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrun.bash && if [[ -f /dockerrun.sh ]]; then /dockerrun.sh; fi diff --git a/kube/services/fence/fence-deploy.yaml b/kube/services/fence/fence-deploy.yaml index 50128b92d..153b2c626 100644 --- a/kube/services/fence/fence-deploy.yaml +++ b/kube/services/fence/fence-deploy.yaml @@ -225,7 +225,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrun.bash && if [[ -f /dockerrun.sh ]]; then bash /dockerrun.sh; fi initContainers: - name: fence-init @@ -262,12 +262,12 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - if (fence-create migrate --help || poetry run fence-create migrate --help) > /dev/null 2>&1; then + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + if fence-create migrate --help > /dev/null 2>&1; then if ! grep -E 'ENABLE_DB_MIGRATION"?: *false' /var/www/fence/fence-config.yaml; then echo "Running db migration: fence-create migrate" cd /fence - fence-create migrate || poetry run fence-create migrate + fence-create migrate else echo "Db migration disabled in fence-config" fi diff --git a/kube/services/fenceshib/fenceshib-canary-deploy.yaml b/kube/services/fenceshib/fenceshib-canary-deploy.yaml index 874920ca0..74085009f 100644 --- a/kube/services/fenceshib/fenceshib-canary-deploy.yaml +++ b/kube/services/fenceshib/fenceshib-canary-deploy.yaml @@ -188,5 +188,5 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrun.bash && if [[ -f /dockerrun.sh ]]; then /dockerrun.sh; fi diff --git a/kube/services/fenceshib/fenceshib-deploy.yaml b/kube/services/fenceshib/fenceshib-deploy.yaml index 2e1cd72eb..ed5d67535 100644 --- a/kube/services/fenceshib/fenceshib-deploy.yaml +++ b/kube/services/fenceshib/fenceshib-deploy.yaml @@ -235,5 +235,5 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml bash /fence/dockerrunshib.bash && if [[ -f /dockerrun.sh ]]; then /dockerrun.sh; fi diff --git a/kube/services/google-sa-validation/google-sa-validation-deploy.yaml b/kube/services/google-sa-validation/google-sa-validation-deploy.yaml index e1fe01f2f..b35fda845 100644 --- a/kube/services/google-sa-validation/google-sa-validation-deploy.yaml +++ b/kube/services/google-sa-validation/google-sa-validation-deploy.yaml @@ -111,7 +111,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml /fence/bin/google-user-sa-validation.sh volumeMounts: - name: "logo-volume" diff --git a/kube/services/jobs/client-modify-job.yaml b/kube/services/jobs/client-modify-job.yaml index 5b497e117..5726092be 100644 --- a/kube/services/jobs/client-modify-job.yaml +++ b/kube/services/jobs/client-modify-job.yaml @@ -119,17 +119,17 @@ spec: - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml #need a way to grab all the clients. echo Starting to collect client list - CLIENT_LIST=$((fence-create client-list || poetry run fence-create client-list) | grep "'name'") + CLIENT_LIST=$(fence-create client-list | grep "'name'") CLIENT_LIST=${CLIENT_LIST//"'name': "/} CLIENT_LIST=${CLIENT_LIST//"'"/} CLIENT_LIST=${CLIENT_LIST//","/} - CLIENT_LIST=($(echo $CLIENT_LIST | xargs)) + CLIENT_LIST=($(echo $CLIENT_LIST | tr " ")) if [[ -z "$FIELD_NAME" ]]; then echo Cannot update field. FIELD_NAME variable must be sepcified. @@ -151,7 +151,7 @@ spec: for index in "${!CLIENT_LIST[@]}" do - $create_command --client ${CLIENT_LIST[index]} || poetry run $create_command --client ${CLIENT_LIST[index]} + $create_command --client ${CLIENT_LIST[index]} done if [[ $? != 0 ]]; then diff --git a/kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml b/kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml index 50ed6ce33..93eaf7652 100644 --- a/kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml +++ b/kube/services/jobs/fence-cleanup-expired-ga4gh-info-cronjob.yaml @@ -72,9 +72,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create cleanup-expired-ga4gh-information || poetry run fence-create cleanup-expired-ga4gh-information + fence-create cleanup-expired-ga4gh-information if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml b/kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml index 1b0c954ba..afeaebf72 100644 --- a/kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml +++ b/kube/services/jobs/fence-cleanup-expired-ga4gh-info-job.yaml @@ -61,8 +61,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create cleanup-expired-ga4gh-information || poetry run fence-create cleanup-expired-ga4gh-information + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create cleanup-expired-ga4gh-information if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/fence-db-migrate-job.yaml b/kube/services/jobs/fence-db-migrate-job.yaml index c855481d7..53dda3e21 100644 --- a/kube/services/jobs/fence-db-migrate-job.yaml +++ b/kube/services/jobs/fence-db-migrate-job.yaml @@ -100,9 +100,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml cd /fence - fence-create migrate || poetry run fence-create migrate + fence-create migrate if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/fence-delete-expired-clients-job.yaml b/kube/services/jobs/fence-delete-expired-clients-job.yaml index 36244ac58..9252f6828 100644 --- a/kube/services/jobs/fence-delete-expired-clients-job.yaml +++ b/kube/services/jobs/fence-delete-expired-clients-job.yaml @@ -68,11 +68,11 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [[ "$slackWebHook" =~ ^http ]]; then - fence-create client-delete-expired --slack-webhook $slackWebHook --warning-days 7 || poetry run fence-create client-delete-expired --slack-webhook $slackWebHook --warning-days 7 + fence-create client-delete-expired --slack-webhook $slackWebHook --warning-days 7 else - fence-create client-delete-expired || poetry run fence-create client-delete-expired + fence-create client-delete-expired fi exit $? restartPolicy: Never diff --git a/kube/services/jobs/fence-visa-update-cronjob.yaml b/kube/services/jobs/fence-visa-update-cronjob.yaml index 88e9b1aec..eba842ddf 100644 --- a/kube/services/jobs/fence-visa-update-cronjob.yaml +++ b/kube/services/jobs/fence-visa-update-cronjob.yaml @@ -102,7 +102,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml create_command="fence-create update-visas" @@ -119,7 +119,7 @@ spec: create_command+=" --concurrency $CONCURRENCY" fi - $create_command || poetry run $create_command + $create_command exitcode=$? if [ "${slackWebHook}" != 'None' ]; then diff --git a/kube/services/jobs/fence-visa-update-job.yaml b/kube/services/jobs/fence-visa-update-job.yaml index 080e011f0..973ba2e3d 100644 --- a/kube/services/jobs/fence-visa-update-job.yaml +++ b/kube/services/jobs/fence-visa-update-job.yaml @@ -96,7 +96,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml create_command="fence-create update-visas" @@ -113,7 +113,7 @@ spec: create_command+=" --concurrency $CONCURRENCY" fi - $create_command || poetry run $create_command + $create_command exitcode=$? if [ "${slackWebHook}" != 'None' ]; then diff --git a/kube/services/jobs/fencedb-create-job.yaml b/kube/services/jobs/fencedb-create-job.yaml index 14871d928..a99c7aca3 100644 --- a/kube/services/jobs/fencedb-create-job.yaml +++ b/kube/services/jobs/fencedb-create-job.yaml @@ -48,28 +48,14 @@ spec: - "-c" # Script always succeeds if it runs (echo exits with 0) - | - eval $( - if poetry run python 2> /dev/null < /dev/null < /dev/null < "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [ -f /fence/jwt-keys.tar ]; then cd /fence tar xvf jwt-keys.tar @@ -140,10 +140,7 @@ spec: sleepTime=10 # retry loop while [[ $count -lt 3 && $success == false ]]; do - if ( - fence-create --path fence token-create --type access_token --username $TEST_OPERATOR --scopes openid,user,test-client,data --exp $TOKEN_EXPIRATION || \ - poetry run fence-create --path fence token-create --type access_token --username $TEST_OPERATOR --scopes openid,user,test-client,data --exp $TOKEN_EXPIRATION - ) > "$tempFile"; then + if fence-create --path fence token-create --type access_token --username $TEST_OPERATOR --scopes openid,user,test-client,data --exp $TOKEN_EXPIRATION > "$tempFile"; then echo "fence-create success!" tail -1 "$tempFile" > /mnt/shared/access_token.txt # base64 --decode complains about invalid characters - don't know why diff --git a/kube/services/jobs/gentestdata-job.yaml b/kube/services/jobs/gentestdata-job.yaml index 1840607f7..db2fcd82d 100644 --- a/kube/services/jobs/gentestdata-job.yaml +++ b/kube/services/jobs/gentestdata-job.yaml @@ -186,7 +186,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [ -f /fence/jwt-keys.tar ]; then cd /fence tar xvf jwt-keys.tar @@ -203,10 +203,7 @@ spec: sleepTime=10 # retry loop while [[ $count -lt 3 && $success == false ]]; do - if ( - fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp $TOKEN_EXPIRATION || \ - poetry run fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp $TOKEN_EXPIRATION - )> "$tempFile"; then + if fence-create --path fence token-create --type access_token --username $SUBMISSION_USER --scopes openid,user,test-client --exp $TOKEN_EXPIRATION > "$tempFile"; then echo "fence-create success!" tail -1 "$tempFile" > /mnt/shared/access_token.txt # base64 --decode complains about invalid characters - don't know why diff --git a/kube/services/jobs/google-create-bucket-job.yaml b/kube/services/jobs/google-create-bucket-job.yaml index 7cc65f196..6e3f248a7 100644 --- a/kube/services/jobs/google-create-bucket-job.yaml +++ b/kube/services/jobs/google-create-bucket-job.yaml @@ -165,7 +165,7 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [[ -z "$UNIQUE_BUCKET_NAME" ]]; then echo Cannot create bucket. UNIQUE_BUCKET_NAME variable must be specified. exit 1 # terminate and indicate error @@ -192,7 +192,7 @@ spec: create_command+=" --access-logs-bucket $ACCESS_LOGS_BUCKET" fi - fence-create ${create_command} || poetry run fence-create ${create_command} + fence-create ${create_command} if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" diff --git a/kube/services/jobs/google-delete-expired-access-cronjob.yaml b/kube/services/jobs/google-delete-expired-access-cronjob.yaml index 8087abfee..2b9e4e49a 100644 --- a/kube/services/jobs/google-delete-expired-access-cronjob.yaml +++ b/kube/services/jobs/google-delete-expired-access-cronjob.yaml @@ -86,9 +86,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create delete-expired-google-access || poetry run fence-create delete-expired-google-access + fence-create delete-expired-google-access if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-delete-expired-access-job.yaml b/kube/services/jobs/google-delete-expired-access-job.yaml index 64230d5a1..c50272254 100644 --- a/kube/services/jobs/google-delete-expired-access-job.yaml +++ b/kube/services/jobs/google-delete-expired-access-job.yaml @@ -75,8 +75,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create delete-expired-google-access || poetry run fence-create delete-expired-google-access + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create delete-expired-google-access if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/google-delete-expired-service-account-cronjob.yaml b/kube/services/jobs/google-delete-expired-service-account-cronjob.yaml index 0ba1aa6b3..b40e22624 100644 --- a/kube/services/jobs/google-delete-expired-service-account-cronjob.yaml +++ b/kube/services/jobs/google-delete-expired-service-account-cronjob.yaml @@ -125,9 +125,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create expired-service-account-delete || poetry run fence-create expired-service-account-delete + fence-create expired-service-account-delete if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-delete-expired-service-account-job.yaml b/kube/services/jobs/google-delete-expired-service-account-job.yaml index 9fe841ee7..04c19f9e7 100644 --- a/kube/services/jobs/google-delete-expired-service-account-job.yaml +++ b/kube/services/jobs/google-delete-expired-service-account-job.yaml @@ -113,8 +113,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create expired-service-account-delete || poetry run fence-create expired-service-account-delete + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create expired-service-account-delete if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/google-init-proxy-groups-cronjob.yaml b/kube/services/jobs/google-init-proxy-groups-cronjob.yaml index 53d0f46ff..6b4fc10aa 100644 --- a/kube/services/jobs/google-init-proxy-groups-cronjob.yaml +++ b/kube/services/jobs/google-init-proxy-groups-cronjob.yaml @@ -131,9 +131,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create google-init || poetry run fence-create google-init + fence-create google-init if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-init-proxy-groups-job.yaml b/kube/services/jobs/google-init-proxy-groups-job.yaml index ef9ea5dd3..3fa0eb63d 100644 --- a/kube/services/jobs/google-init-proxy-groups-job.yaml +++ b/kube/services/jobs/google-init-proxy-groups-job.yaml @@ -119,8 +119,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create google-init || poetry run fence-create google-init + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create google-init if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/google-manage-account-access-cronjob.yaml b/kube/services/jobs/google-manage-account-access-cronjob.yaml index c8330a81a..fd8bba606 100644 --- a/kube/services/jobs/google-manage-account-access-cronjob.yaml +++ b/kube/services/jobs/google-manage-account-access-cronjob.yaml @@ -125,9 +125,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create google-manage-account-access || poetry run fence-create google-manage-account-access + fence-create google-manage-account-access if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-manage-account-access-job.yaml b/kube/services/jobs/google-manage-account-access-job.yaml index ff9e927f3..d7f6204a0 100644 --- a/kube/services/jobs/google-manage-account-access-job.yaml +++ b/kube/services/jobs/google-manage-account-access-job.yaml @@ -113,8 +113,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create google-manage-account-access || poetry run fence-create google-manage-account-access + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create google-manage-account-access if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/google-manage-keys-cronjob.yaml b/kube/services/jobs/google-manage-keys-cronjob.yaml index 5a7f95558..eff76d30a 100644 --- a/kube/services/jobs/google-manage-keys-cronjob.yaml +++ b/kube/services/jobs/google-manage-keys-cronjob.yaml @@ -125,9 +125,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create google-manage-keys || poetry run fence-create google-manage-keys + fence-create google-manage-keys if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-manage-keys-job.yaml b/kube/services/jobs/google-manage-keys-job.yaml index 9c9bb635b..84c855fb6 100644 --- a/kube/services/jobs/google-manage-keys-job.yaml +++ b/kube/services/jobs/google-manage-keys-job.yaml @@ -116,8 +116,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create google-manage-keys || poetry run fence-create google-manage-keys + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create google-manage-keys if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml b/kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml index 011727046..49e83374f 100644 --- a/kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml +++ b/kube/services/jobs/google-verify-bucket-access-group-cronjob.yaml @@ -125,9 +125,9 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf - fence-create bucket-access-group-verify || poetry run fence-create bucket-access-group-verify + fence-create bucket-access-group-verify if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" else diff --git a/kube/services/jobs/google-verify-bucket-access-group-job.yaml b/kube/services/jobs/google-verify-bucket-access-group-job.yaml index 98691143f..93eae91dc 100644 --- a/kube/services/jobs/google-verify-bucket-access-group-job.yaml +++ b/kube/services/jobs/google-verify-bucket-access-group-job.yaml @@ -113,8 +113,8 @@ spec: - "-c" - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml - fence-create bucket-access-group-verify || poetry run fence-create bucket-access-group-verify + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + fence-create bucket-access-group-verify if [[ $? != 0 ]]; then echo "WARNING: non zero exit code: $?" fi diff --git a/kube/services/jobs/usersync-job.yaml b/kube/services/jobs/usersync-job.yaml index a4aa57382..8a5471a20 100644 --- a/kube/services/jobs/usersync-job.yaml +++ b/kube/services/jobs/usersync-job.yaml @@ -190,7 +190,7 @@ spec: # Script always succeeds if it runs (echo exits with 0) - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml echo 'options use-vc' >> /etc/resolv.conf let count=0 while [[ ! -f /mnt/shared/user.yaml && $count -lt 50 ]]; do @@ -201,10 +201,7 @@ spec: if [[ "$SYNC_FROM_DBGAP" != True && "$ADD_DBGAP" != "true" ]]; then if [[ -f /mnt/shared/user.yaml ]]; then echo "running fence-create" - time ( - fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml || \ - poetry run fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml - ) + time fence-create sync --arborist http://arborist-service --yaml /mnt/shared/user.yaml else echo "/mnt/shared/user.yaml did not appear within timeout :-(" false # non-zero exit code @@ -214,16 +211,10 @@ spec: output=$(mktemp "/tmp/fence-create-output_XXXXXX") if [[ -f /mnt/shared/user.yaml && "$ONLY_DBGAP" != "true" ]]; then echo "Running fence-create dbgap-sync with user.yaml - see $output" - time ( - fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" || \ - poetry run fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" - ) + time fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml --yaml /mnt/shared/user.yaml 2>&1 | tee "$output" else echo "Running fence-create dbgap-sync without user.yaml - see $output" - time ( - fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" || \ - poetry run fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" - ) + time fence-create sync --arborist http://arborist-service --sync_from_dbgap "True" --projects /var/www/fence/projects.yaml 2>&1 | tee "$output" fi exitcode="${PIPESTATUS[0]}" echo "$output" diff --git a/kube/services/jobs/useryaml-job.yaml b/kube/services/jobs/useryaml-job.yaml index 4121076c3..5853a05c4 100644 --- a/kube/services/jobs/useryaml-job.yaml +++ b/kube/services/jobs/useryaml-job.yaml @@ -147,13 +147,11 @@ spec: # Script always succeeds if it runs (echo exits with 0) - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config.yaml if [ "$SYNC_FROM_DBGAP" = True ]; then - fence-create sync --arborist http://arborist-service --sync_from_dbgap $(SYNC_FROM_DBGAP) --projects /var/www/fence/projects.yaml --yaml /var/www/fence/user.yaml || \ - poetry run fence-create sync --arborist http://arborist-service --sync_from_dbgap $(SYNC_FROM_DBGAP) --projects /var/www/fence/projects.yaml --yaml /var/www/fence/user.yaml + fence-create sync --arborist http://arborist-service --sync_from_dbgap $(SYNC_FROM_DBGAP) --projects /var/www/fence/projects.yaml --yaml /var/www/fence/user.yaml else - fence-create sync --arborist http://arborist-service --yaml /var/www/fence/user.yaml || \ - poetry run fence-create sync --arborist http://arborist-service --yaml /var/www/fence/user.yaml + fence-create sync --arborist http://arborist-service --yaml /var/www/fence/user.yaml fi echo "Exit code: $?" restartPolicy: Never diff --git a/kube/services/presigned-url-fence/presigned-url-fence-deploy.yaml b/kube/services/presigned-url-fence/presigned-url-fence-deploy.yaml index 9938df9d9..c82a1a98e 100644 --- a/kube/services/presigned-url-fence/presigned-url-fence-deploy.yaml +++ b/kube/services/presigned-url-fence/presigned-url-fence-deploy.yaml @@ -220,8 +220,8 @@ spec: - | echo "${FENCE_PUBLIC_CONFIG:-""}" > "/var/www/fence/fence-config-public.yaml" echo -e "ENABLE_DB_MIGRATION: false" > "/var/www/fence/fence-config-bonus1.yaml" - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config-step1.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config-step1.yaml - poetry run python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-bonus1.yaml /var/www/fence/fence-config-step1.yaml > /var/www/fence/fence-config.yaml || python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-bonus1.yaml /var/www/fence/fence-config-step1.yaml > /var/www/fence/fence-config.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-public.yaml /var/www/fence/fence-config-secret.yaml > /var/www/fence/fence-config-step1.yaml + python /var/www/fence/yaml_merge.py /var/www/fence/fence-config-bonus1.yaml /var/www/fence/fence-config-step1.yaml > /var/www/fence/fence-config.yaml nginx_limit=$(cat /var/www/fence/fence-config.yaml | sed -n -e 's/^.*\"OVERRIDE_NGINX_RATE_LIMIT\": //p' | sed 's/.$//') if [ -z "$nginx_limit" ]; then nginx_limit=$(cat /fence/fence/config-default.yaml | sed -n -e 's/^.*OVERRIDE_NGINX_RATE_LIMIT: //p')