chore: skip plugin build #9594

Merged
merged 6 commits into from
Sep 30, 2024
jgomer2001
Contributor

Prepare


Description

Target issue

closes #9591

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
dryrunsecurity bot commented Sep 25, 2024

DryRun Security Summary

The pull request primarily involves changes to the project's build configuration and Dockerfile, which may impact the application's two-factor authentication functionality and contain hardcoded configuration values and sensitive information that should be externalized and managed securely.

Summary:

The code changes in this pull request primarily involve modifications to the project's build configuration and the Dockerfile used for the Janssen Casa application. While the changes do not directly introduce any obvious security vulnerabilities, there are several security-related aspects that should be considered.

The removal of the "email_2fa_core" module from the project's Maven configuration may impact the application's two-factor authentication (2FA) functionality, which is an important security feature. Additionally, the Dockerfile contains several hardcoded configuration values and sensitive information, which should be externalized and managed securely to prevent potential security risks.

The Dockerfile also utilizes various techniques for dependency management, caching, and layer optimization, which can help improve the security and maintainability of the Docker image. However, it's crucial to ensure that all dependencies are kept up-to-date and that any known vulnerabilities are addressed in a timely manner.

Files Changed:

  1. jans-casa/pom.xml: The changes in this file involve commenting out the plugins/email_2fa_core module, which may impact the application's two-factor authentication functionality. The file also includes comprehensive dependency management and build configuration, which are essential for maintaining a secure and stable application.

  2. docker-jans-casa/Dockerfile: The changes in this Dockerfile are related to the deployment of the Janssen Casa application. Key security-related aspects include the removal of the "email_2fa_core" plugin, the use of hardcoded configuration values, the management of environment variables, dependency management, and the implementation of security best practices, such as using a non-root user and setting appropriate permissions.

Code Analysis

We ran 9 analyzers against 2 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer 2 findings

Riskiness

🟢 Risk threshold not exceeded.

View PR in the DryRun Dashboard.

@mo-auto added the comp-jans-casa (Touching folder /jans-casa) and kind-dependencies (Pull requests that update a dependency file) labels Sep 25, 2024
Signed-off-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
@moabu requested review from moabu and iromli as code owners September 25, 2024 17:14
@iromli self-requested a review September 25, 2024 21:36
docker-jans-casa/Dockerfile (outdated review thread, resolved)
Signed-off-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
docker-jans-casa/Dockerfile (outdated review thread, resolved)
@moabu merged commit df79335 into main Sep 30, 2024
10 of 11 checks passed
@moabu deleted the jans-casa-issue_9591 branch September 30, 2024 12:23
imShakil pushed a commit that referenced this pull request Oct 3, 2024
* chore: skip plugin build #9591

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>

* fix: adjust supported casa plugins

Signed-off-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

* chore: remove agama project from plugin entry

Signed-off-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>

---------

Signed-off-by: jgomer2001 <bonustrack310@gmail.com>
Signed-off-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
Co-authored-by: Mohammad Abudayyeh <47318409+moabu@users.noreply.github.com>
yuriyz pushed a commit that referenced this pull request Nov 7, 2024
Former-commit-id: df79335
moabu added a commit that referenced this pull request Dec 26, 2024
moabu added a commit that referenced this pull request Dec 27, 2024
Development

Successfully merging this pull request may close these issues.

fix(jans-casa): remove building 2fa core email plugin
5 participants