onestop
onestop copied to clipboard
cedardevs
Address deployment concerns on csbCrawler2Cloud
Summary
| As a | Security officer |
| I want | code to perform data validation to prevent SQL injection into Athena |
| So that I can | approve csbCrawler2Cloud to run in production without vulnerabilities |
- [x] Review security report from Charlie Roberts, Identify locations for data validation
- [x] ~Ask Charlie for clarification on issues if needed~ - not needed
- [x] ~Update code to validate coordinates, dates, etc.~ - removed unneeded code
- [x] Increment version number
- [x] Create pull request
- [x] Resubmit for security review and deployment
- [x] Create some operations documentation
- [ ] Deploy to on-prem prod
Removed lambda_function.py and changed version number to 1.0.5.
Put in pull request https://github.com/cedardevs/csbCrawler2Cloud/pull/11
Completed pull request since it was a simple change.
Tried to push a v1.0.5 to GitLab, but had a permission error (this worked about a month ago). Sent email to Richard.A.Smith, who helped with gitlab assistance in the past.
Richard changed the permissions from "private" to "internal" which now allows pushing to the master branch.
Submitted WD-1314 to deploy version 1.0.5
Consulting with Ernie to define a system to host the code, I started an operational guide https://docs.google.com/document/d/1IowvkadwJ2bsF__Ms5lB3DMh_SYSkFEXLM1S4vV7ba0/edit?usp=sharing
Will respond to questions as they come up.