ci: fix missing FQDN parse on quick start script #8916

Merged
merged 3 commits into from
Jul 9, 2024

Conversation

moabu
Member

@moabu moabu commented Jul 9, 2024

Prepare


Description

Target issue

closes #8914

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Closes #8925,

moabu added 2 commits July 9, 2024 14:39
Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
Signed-off-by: moabu <47318409+moabu@users.noreply.github.com>
@moabu moabu requested a review from iromli as a code owner July 9, 2024 12:21

dryrunsecurity bot commented Jul 9, 2024

DryRun Security Summary

The pull request focuses on the deployment and configuration of a Janssen monolith application, with potential security considerations related to environment variable injection, hardcoded paths, dependency management, and Docker Compose configuration.


Summary:

The code changes in this pull request appear to be focused on the deployment and configuration of a Janssen monolith application. From an application security perspective, there are a few key areas that require attention:

  1. Environment Variable Injection: The code uses the JANS_FQDN environment variable to set the CN_HOSTNAME environment variable in the Docker container. This could potentially lead to environment variable injection vulnerabilities if the JANS_FQDN value is not properly sanitized or validated.

  2. Hardcoded Paths: The code uses hardcoded paths, such as /tmp/jans/docker-jans-monolith, which could be a potential issue if the application is deployed in a different environment with different file system structures.

  3. Dependency Management: The code updates the pip package manager and installs several Python packages, including dockerfile-parse and ruamel.yaml. It's important to ensure that these dependencies are up-to-date and do not contain any known security vulnerabilities.

  4. Docker Compose Configuration: The code modifies the Docker Compose configuration files, which could potentially lead to issues if the build process is not properly secured and validated.

Overall, the changes appear to focus on the deployment and configuration of the Janssen monolith application, with some potential security considerations that should be addressed to ensure the application's security and reliability.

Files Changed:

  • automation/startjanssenmonolithdemo.sh: This file contains the changes related to the deployment and configuration of the Janssen monolith application. The key security considerations include environment variable injection, hardcoded paths, dependency management, and Docker Compose configuration. The code also includes scripts for testing the application's functionality, which is a positive security practice.

Code Analysis

We ran 7 analyzers against 1 file and 0 analyzers had findings. 7 analyzers had no findings.

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.
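
An added example, not part of this PR or of the Janssen project's code: one way a quick start script could validate `JANS_FQDN` before using it as `CN_HOSTNAME`, the concern raised in item 1 of the summary above. The function names `validate_fqdn` and `cn_hostname_line`, the last-label rule and the sample values are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: check that a value is a syntactically valid FQDN
# (RFC 1123 hostname rules) before it is passed on as CN_HOSTNAME.
# The body runs in a subshell "( ... )" so the IFS/LC_ALL changes do not
# leak; "exit" only ends that subshell and sets the function's status.
validate_fqdn() (
    LC_ALL=C                                  # byte-wise ranges in the patterns
    name=$1
    [ -n "$name" ] || exit 1                  # empty input
    [ "${#name}" -le 253 ] || exit 1          # maximum hostname length
    case $name in
        *[!A-Za-z0-9.-]*) exit 1 ;;           # spaces, newlines, '=', '$', quotes
        .*|*.|*..*)       exit 1 ;;           # empty label
        *.*)              ;;                  # at least two labels
        *)                exit 1 ;;           # bare host name, not an FQDN
    esac
    IFS=.
    for label in $name; do                    # safe to split: no glob characters left
        [ "${#label}" -le 63 ] || exit 1      # maximum label length
        case $label in -*|*-) exit 1 ;; esac  # no leading or trailing hyphen
    done
    # Assumption: the last label must contain a letter (rejects IPv4 literals).
    case $label in *[A-Za-z]*) exit 0 ;; *) exit 1 ;; esac
)

# Hypothetical helper: print the env line only for a validated value.
# The rejected value is deliberately not echoed back.
cn_hostname_line() {
    if validate_fqdn "$1"; then
        printf 'CN_HOSTNAME=%s\n' "$1"
    else
        printf 'refusing to use invalid FQDN as CN_HOSTNAME\n' >&2
        return 2
    fi
}

# Constructed sample values: the first is accepted, the rest are rejected.
for sample in demo.example.com localhost 192.168.1.10 -bad.example.com; do
    cn_hostname_line "$sample" || true
done
```
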

@moabu moabu merged commit 3a138c5 into main Jul 9, 2024
9 checks passed
@moabu moabu deleted the feat-8914 branch July 9, 2024 12:21
@mo-auto
Member

mo-auto commented Jul 9, 2024

Error: Hi @moabu, You did not reference an open issue in your PR. I attempted to create an issue for you.
Please update that issue's title and body and make sure I correctly referenced it in the above PR's body.

@mo-auto mo-auto added the area-CI Issue or changes required in automatic builds or CI infrastructure label Jul 9, 2024