improve startup scripts and logs take 2 #1250
Closed
fhanik wants to merge 4 commits into
Replace fixed /tmp paths with mktemp-allocated files and directories. The private.yml copy is created with mode 0600 and registered with trap ... EXIT for automatic cleanup. SAVEDIR is also allocated with mktemp -d instead of a fixed path.
Switch uaa.client.redirect_uri.matching_mode default from legacy to exact, aligning with RFC 6749 and current best practice for OAuth2 redirect URI validation. BREAKING CHANGE: clients relying on subdomain or path wildcard matching must register exact redirect URIs or explicitly set uaa.client.redirect_uri.matching_mode: legacy in their manifest before upgrading.
Change uaa.logging_level default from DEBUG to INFO. The DEBUG level produces verbose Spring Security and JDBC output that is not appropriate for production deployments. Extend the log4j2 redaction pattern to cover code=, access_token=, refresh_token=, and id_token= in addition to the existing password= and client_secret= patterns.
configure_tomcat transfers ownership of /var/vcap/data/uaa/ to vcap, which includes cert-cache and the Java truststore within it. Add resecure_cert_cache() to run after configure_tomcat and configure_spring_boot. It restores cert-cache to root:root with mode 0711 and all enclosed files to root:root 0644, so the vcap process retains read access to the truststore without write access.
Override PR #1236 as no checks were run
Changes span the pre-start script, log4j2 redaction pattern, redirect URI matching default, and release tooling.
Redirect URI matching (BREAKING CHANGE)
uaa.client.redirect_uri.matching_mode now defaults to exact rather than legacy. Deployments with clients that use subdomain or path wildcard redirect URIs must register exact URIs or explicitly set matching_mode: legacy in their manifest before upgrading.
Logging defaults
uaa.logging_level now defaults to INFO. The log4j2 redaction pattern is extended to cover code=, access_token=, refresh_token=, and id_token= values in addition to password= and client_secret=.
cert-cache file ownership
pre-start now calls resecure_cert_cache() after configure_tomcat and configure_spring_boot, restoring cert-cache to root:root 0711 and its contents to root:root 0644. The vcap process retains read-only access to the truststore.
Release script temp file handling
perform-release.sh now uses mktemp for all temporary files and directories, with mode 0600 on credential-bearing files and trap ... EXIT for cleanup.
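
The temp-file handling described for perform-release.sh, shown as an added example that is not the PR's own code. The function names, the file-name templates and the sample content are assumptions; SAVEDIR and the private.yml copy are the items the description names.

```shell
#!/bin/sh
# Added illustration, not perform-release.sh itself. Function names and
# templates are assumptions made for this example.

# Delete whatever was allocated so far; tolerates a partially completed setup.
cleanup_release_temp() {
  [ -n "${PRIVATE_COPY:-}" ] && rm -f -- "$PRIVATE_COPY"
  [ -n "${SAVEDIR:-}" ] && rm -rf -- "$SAVEDIR"
  return 0
}

# Allocate unpredictable names instead of fixed /tmp paths, which another
# local user could pre-create or replace with a symlink.
alloc_release_temp() {
  src=$1
  PRIVATE_COPY='' SAVEDIR=''
  trap cleanup_release_temp EXIT      # registered before anything exists
  umask 077                           # also changes the caller's umask from here on
  SAVEDIR=$(mktemp -d "${TMPDIR:-/tmp}/uaa-save.XXXXXX") || return 1
  PRIVATE_COPY=$(mktemp "${TMPDIR:-/tmp}/private.yml.XXXXXX") || return 1
  chmod 600 "$PRIVATE_COPY"           # explicit, independent of mktemp defaults
  cat -- "$src" > "$PRIVATE_COPY"     # write into the file mktemp created
}

# Permission string of a path, e.g. "-rw-------" (first ten columns of ls -ld).
perm_string() {
  ls -ld -- "$1" | cut -c1-10
}

# Runs the sequence in a subshell so the EXIT trap fires when the subshell ends.
# Prints "<file perms> <dir perms> <file path> <dir path>".
demo_release_temp() (
  sample=$(mktemp) || exit 1          # constructed stand-in for private.yml
  printf 'constructed: not-a-real-secret\n' > "$sample"
  alloc_release_temp "$sample" || { rm -f -- "$sample"; exit 1; }
  printf '%s %s %s %s\n' "$(perm_string "$PRIVATE_COPY")" \
    "$(perm_string "$SAVEDIR")" "$PRIVATE_COPY" "$SAVEDIR"
  rm -f -- "$sample"
)

demo_release_temp
```

After the subshell exits, neither printed path exists any more: the EXIT trap removes them even when a later step fails.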