chore: merge from master

.github/workflows/update-ssdlc-report.yaml

@@ -103,7 +103,6 @@ jobs:
           branch: ${{ env.JIRA_KEY }}
           labels: |
             compliance
-            auto
             auto_close_jira
           body: |
             ## Proposed changes

.gitignore

@@ -27,6 +27,9 @@ third_party_notices/
 gon_x86_64.json
 gon_arm64.json
 *.xml
+build/ci/hosts.json
+build/ci/ssh_id
+sbom.json
 
 # We don't want to commit env variables
 *.env

build/ci/evergreen.yml

@@ -423,6 +423,8 @@ functions:
           - "image_id=/subscriptions/${azure_subscription_id}/resourceGroups/atlascli-image-resources/providers/Microsoft.Compute/images/${image}"
           - -var
           - "certificate_path=${certificate_path}"
+          - -var
+          - "admin_password=${azure_vm_admin_password}"
     - command: shell.exec
       params:
         <<: *go_options

build/ci/terraform/main.tf

@@ -27,6 +27,12 @@ variable "certificate_path" {
   default = "~/.ssh/id_rsa.pub"
 }
 
+variable "admin_password" {
+  type = string
+  description = "The admin password for the Windows VM"
+  sensitive = true
+}
+
 resource "azurerm_resource_group" "atlascli_vm_rg" {
   name     = "atlascli-resources"
   location = "East US"
@@ -107,7 +113,7 @@ resource "azurerm_windows_virtual_machine" "atlascli_vm" {
   resource_group_name   = azurerm_resource_group.atlascli_vm_rg.name
   size                  = "Standard_D2s_v3"
   admin_username        = "atlascli"
-  admin_password        = "P@ssw0rd1234!"
+  admin_password        = var.admin_password
   network_interface_ids = [azurerm_network_interface.atlascli_vm_nic.id]
   computer_name         = "atlasclivm"
   os_disk {

compliance/v1.43.1/ssdlc-compliance-1.43.1.md

@@ -0,0 +1,30 @@
+SSDLC Compliance Report: Atlas CLI 1.43.1
+=================================================================
+
+- Release Creator: apix-bot[bot]
+- Created On:       2025-06-05
+
+Overview:
+
+- **Product and Release Name**
+    - Atlas CLI 1.43.1, 2025-06-05.
+
+- **Process Document**
+  - https://www.mongodb.com/blog/post/how-mongodb-protects-against-supply-chain-vulnerabilities
+
+- **Tool used to track third party vulnerabilities**
+  - [Kondukto](https://arcticglow.kondukto.io/)
+
+- **Dependency Information**
+  - See SBOM Lite manifests (CycloneDX in JSON format):
+    - https://github.com/mongodb/mongodb-atlas-cli/releases/download/atlascli%2Fv1.43.1/sbom.json
+
+- **Security Testing Report**
+  - Available as needed from Cloud Security.
+
+- **Security Assessment Report**
+  - Available as needed from Cloud Security.
+
+Assumptions and attestations:
+
+- Internal processes are used to ensure CVEs are identified and mitigated within SLAs.

compliance/v1.43.2/ssdlc-compliance-1.43.2.md

@@ -0,0 +1,30 @@
+SSDLC Compliance Report: Atlas CLI 1.43.2
+=================================================================
+
+- Release Creator: apix-bot[bot]
+- Created On:       2025-06-06
+
+Overview:
+
+- **Product and Release Name**
+    - Atlas CLI 1.43.2, 2025-06-06.
+
+- **Process Document**
+  - https://www.mongodb.com/blog/post/how-mongodb-protects-against-supply-chain-vulnerabilities
+
+- **Tool used to track third party vulnerabilities**
+  - [Kondukto](https://arcticglow.kondukto.io/)
+
+- **Dependency Information**
+  - See SBOM Lite manifests (CycloneDX in JSON format):
+      - https://github.com/mongodb/mongodb-atlas-cli/releases/download/atlascli%2Fv1.43.2/sbom.json
+
+- **Security Testing Report**
+  - Available as needed from Cloud Security.
+
+- **Security Assessment Report**
+  - Available as needed from Cloud Security.
+
+Assumptions and attestations:
+
+- Internal processes are used to ensure CVEs are identified and mitigated within SLAs.

test/e2e/testdata/.snapshots/TestAccessList/Create_Delete_After/POST_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_1.snaphost

@@ -0,0 +1,16 @@
+HTTP/2.0 201 Created
+Content-Length: 472
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:56 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 110
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::addAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+
+{"links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList?includeCount=true&pageNum=1&itemsPerPage=100","rel":"self"}],"results":[{"cidrBlock":"192.168.0.230/32","comment":"test","deleteAfterDate":"2025-06-06T12:44:56Z","groupId":"6842e199bdcc3c3d79dcbc4e","ipAddress":"192.168.0.230","links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList/192.168.0.230%2F32","rel":"self"}]}],"totalCount":1}

test/e2e/testdata/.snapshots/TestAccessList/Create_Forever/POST_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_1.snaphost

@@ -0,0 +1,16 @@
+HTTP/2.0 201 Created
+Content-Length: 431
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:55 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 108
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::addAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+
+{"links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList?includeCount=true&pageNum=1&itemsPerPage=100","rel":"self"}],"results":[{"cidrBlock":"192.168.0.230/32","comment":"test","groupId":"6842e199bdcc3c3d79dcbc4e","ipAddress":"192.168.0.230","links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList/192.168.0.230%2F32","rel":"self"}]}],"totalCount":1}

test/e2e/testdata/.snapshots/TestAccessList/Create_with_CurrentIp/GET_api_private_ipinfo_1.snaphost

@@ -1,16 +1,16 @@
 HTTP/2.0 200 OK
 Content-Length: 40
 Content-Type: application/json
-Date: Fri, 30 May 2025 12:35:02 GMT
+Date: Fri, 06 Jun 2025 12:39:56 GMT
 Referrer-Policy: strict-origin-when-cross-origin
 Server: mdbws
 Strict-Transport-Security: max-age=31536000; includeSubdomains;
 X-Content-Type-Options: nosniff
 X-Frame-Options: DENY
 X-Java-Method: ApiPrivateIpInfoResource::getIpInfo
 X-Java-Version: 17.0.14+7
-X-Mongodb-Service-Version: gitHash=6f3b92e91d6bca553e30eabbc42d8bea714f2377; versionString=master
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
 X-Permitted-Cross-Domain-Policies: none
 X-Xgen-Up-Proto: HTTP/2
 
-{"currentIpv4Address":"172.200.199.214"}
+{"currentIpv4Address":"172.200.181.136"}

test/e2e/testdata/.snapshots/TestAccessList/Create_with_CurrentIp/POST_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_1.snaphost

@@ -0,0 +1,16 @@
+HTTP/2.0 201 Created
+Content-Length: 437
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:56 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 97
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::addAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+
+{"links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList?includeCount=true&pageNum=1&itemsPerPage=100","rel":"self"}],"results":[{"cidrBlock":"172.200.181.136/32","comment":"test","groupId":"6842e199bdcc3c3d79dcbc4e","ipAddress":"172.200.181.136","links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList/172.200.181.136%2F32","rel":"self"}]}],"totalCount":1}

test/e2e/testdata/.snapshots/TestAccessList/Delete#01/DELETE_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_192.168.0.230_1.snaphost

@@ -0,0 +1,14 @@
+HTTP/2.0 204 No Content
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:56 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 88
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::deleteAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+

test/e2e/testdata/.snapshots/TestAccessList/Delete#02/DELETE_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_172.200.181.136_1.snaphost

@@ -0,0 +1,14 @@
+HTTP/2.0 204 No Content
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:57 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 86
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::deleteAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+

test/e2e/testdata/.snapshots/TestAccessList/Delete/DELETE_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_192.168.0.230_1.snaphost

@@ -0,0 +1,14 @@
+HTTP/2.0 204 No Content
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:55 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 85
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::deleteAtlasWhitelist
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+

test/e2e/testdata/.snapshots/TestAccessList/Describe/GET_api_atlas_v2_groups_6842e199bdcc3c3d79dcbc4e_accessList_192.168.0.230_1.snaphost

@@ -0,0 +1,16 @@
+HTTP/2.0 200 OK
+Content-Length: 245
+Content-Type: application/vnd.atlas.2023-01-01+json;charset=utf-8
+Date: Fri, 06 Jun 2025 12:39:55 GMT
+Referrer-Policy: strict-origin-when-cross-origin
+Server: mdbws
+Strict-Transport-Security: max-age=31536000; includeSubdomains;
+X-Content-Type-Options: nosniff
+X-Envoy-Upstream-Service-Time: 54
+X-Frame-Options: DENY
+X-Java-Method: ApiAtlasNetworkAccessListResource::getAtlasNetworkPermissionEntry
+X-Java-Version: 17.0.14+7
+X-Mongodb-Service-Version: gitHash=b0dbddfb67208b118e339709922b5a96d34d9fa7; versionString=master
+X-Permitted-Cross-Domain-Policies: none
+
+{"cidrBlock":"192.168.0.230/32","comment":"test","groupId":"6842e199bdcc3c3d79dcbc4e","ipAddress":"192.168.0.230","links":[{"href":"http://localhost:8080/api/atlas/v2/groups/6842e199bdcc3c3d79dcbc4e/accessList/192.168.0.230%2F32","rel":"self"}]}