Open de-jcup opened 3 years ago
Would like to work on it, but I'll need help
@Vivek-Prajapatii yes, you can work on this. We are willing to help you. With what aspect of this issue do you need help with?
as i'm new to this project, i dont know the system i dont know how S3 is used in this system and where do i need to update the documentation.
thank you.
@Vivek-Prajapatii those are quite a lot of questions. I think, we mislabeled the issue as good first issue
as this issue requires knowledge of how SecHub is working as a distributed system and distributed systems in general.
The short explanation is:
A user uploads files (for example, source code) to one SecHub instance, which are then analyzed by different security tools. Those files need to be stored in such as way, that any other SecHub instance can read the files and upload it to one of the security tools. To be able to share files one needs to have a storage system which allows the instances to read the files. One can either use a shared file system like NFS or an object storage like S3.
The Product Delegation Server (PDS) works the same way.
There are two main reasons for not storing the user uploads in the database:
My recommendation would be to first work on other issues to get a better understanding of the inner workings of SecHub and the documentation and later come back to this issue.
The two issues are:
The issue #764 is not trivial, but will give you some understanding how the distributed architecture and sharing in PDS works. The architecture of PDS and SecHub are the same. However, the PDS is smaller and hopefully easier to understand. In addition, PMD is a free and open source (FOSS) static application security testing (SAST) product written in Java.
Ok first I will be working on #764
At least in archtiecture documentation there is only file system folder described for source uploads. But S3 storage can be used also.
This description is missing and must be documented (should be available in operations doc as well)