Skip to content
Snippets Groups Projects
Commit 60cadb66 authored by Eric Schoville's avatar Eric Schoville
Browse files

Merge branch 'odbc_debug' into 'master' 

Add some ODBC debugging information to Readme.md

See merge request !39
parents 60d40203 5575037d
No related branches found
No related tags found
1 merge request!39Add some ODBC debugging information to Readme.md
Hide whitespace changes
Inline Side-by-side
Showing
with 36 additions and 2 deletions
README.md
+ 36
2
View file @ 60cadb66
...@@ -55,17 +55,51 @@ The image is based on Ubuntu 18.04. It downloads and installs necessary depende ...@@ -55,17 +55,51 @@ The image is based on Ubuntu 18.04. It downloads and installs necessary depende
[odbc]: #odbc [odbc]: #odbc
ODBC support has been added to this image, specifically support for SQLite3 and Snowflake. An odbc.ini file can be mounted into the container as /home/agent/.odbc.ini for setting up connections. Local files can be mounted or copied into the container as necessary. ODBC support has been added to this image, specifically support for SQLite3 and Snowflake. An odbc.ini file can be mounted into the container as /home/agent/.odbc.ini for setting up connections. Local files can be mounted or copied into the container as necessary.
#### Debugging ODBC Connections
* Check file permissions on ODBC.ini, which needs read/write by the user. You will not get an error if the file permissions are incorrect, but the sources will not appear.
* Use `odbcinst` to show configuration, data sources, and drivers by opening a shell in the docker container using `docker exec -ti container_name bash`.
```bash
# Show the configuration. This does not list .odbc.ini and .odbcinst.ini in the home directory.
agent@odmasprod:~/infaagent/apps/agentcore$ odbcinst -j
unixODBC 2.3.4
DRIVERS............: /etc/odbcinst.ini
SYSTEM DATA SOURCES: /etc/odbc.ini
FILE DATA SOURCES..: /etc/ODBCDataSources
USER DATA SOURCES..: /home/agent/.odbc.ini
SQLULEN Size.......: 8
SQLLEN Size........: 8
SQLSETPOSIROW Size.: 8
```
```bash
# Show installed drivers. Verify that the correct drivers are found.
agent@odmasprod:~/infaagent/apps/agentcore$ odbcinst -q -d
[SQLite]
[SQLite3]
[SnowflakeDSIIDriver]
```
```bash
# Show data sources. These have been mounted into the container from the odbc.ini file.
agent@odmasprod:~/infaagent/apps/agentcore$ odbcinst -q -s
[ODBC_database_1]
[ODBC_database_2]
[chinook]
```
### Image Scanning ### Image Scanning
[imagescan]: #image-scanning [imagescan]: #image-scanning
The image is scanned by [Qualys](https://qualysguard.qg2.apps.qualys.com/cs/help/get_started/get_started.htm), a container image vulnerability The image is scanned by [Qualys](https://qualysguard.qg2.apps.qualys.com/cs/help/get_started/get_started.htm), a container image vulnerability
scanning system, through a Gitlab CI/CD job: `image_scan`. This job is built upon the `qualy_scan` job from the`check-qualys-job.yml` template in [checkQualys](https://git.doit.wisc.edu/interop/checkqualys) tool repository. An `image_scan` job will be created and a [Gitlab issue](https://git.doit.wisc.edu/interop/iics/iics_secure_agent/-/issues) will be added to this repository for each [CVE vulnerability](https://www.cvedetails.com/) that occurs. scanning system, through a Gitlab CI/CD job: `image_scan`. This job is built upon the `qualy_scan` job from the`check-qualys-job.yml` template in [checkQualys](https://git.doit.wisc.edu/interop/checkqualys) tool repository. An `image_scan` job will be created and a [Gitlab issue](https://git.doit.wisc.edu/interop/iics/iics_secure_agent/-/issues) will be added to this repository for each [CVE vulnerability](https://www.cvedetails.com/) that occurs.
To enable container image scanning, you need to first check following criteria: To enable container image scanning, you need to first check following criteria:
* A Gitlab API Project Access Token for checkQualys tool is valid and stored as `CI_TOKEN` in **Settings -> CI/CD -> Environemnt Variables**, if not, you need to generate one in checkQualys repository under **Settings -> Access Token**, following the instruction [here](https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html); * A Gitlab API Project Access Token for checkQualys tool is valid and stored as `CI_TOKEN` in **Settings -> CI/CD -> Environemnt Variables**, if not, you need to generate one in checkQualys repository under **Settings -> Access Token**, following the instruction [here](https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html);
* A Gitlab runner in **Settings -> CI/CD -> Runners** with **qualys** tag is enabled. * A Gitlab runner in **Settings -> CI/CD -> Runners** with **qualys** tag is enabled.
Notes: Notes:
* A Gitlab API Project Access Token specify for checkQualys is necessary and can be found in checkQualys repository that allows the checkQualys tool to post issues back to the project that is being scanned. * A Gitlab API Project Access Token specify for checkQualys is necessary and can be found in checkQualys repository that allows the checkQualys tool to post issues back to the project that is being scanned.
* A manual `qualys_scan` job at post stage will be created when including job template from checkQualys, and cannot be removed, but it can be ignored. * A manual `qualys_scan` job at post stage will be created when including job template from checkQualys, and cannot be removed, but it can be ignored.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment