Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: fix minor security issues #1728

Merged
merged 6 commits into from
Jul 18, 2023
Merged

chore: fix minor security issues #1728

merged 6 commits into from
Jul 18, 2023

Conversation

mowies
Copy link
Member

@mowies mowies commented Jul 18, 2023
edited
Loading

This PR

Fixes the latest failed security scans by fixing the following issues:

  • updated kubescape config to allow ghcr.io images
  • updated denoland/deno to tag alpine-1.35.1
  • added a kubescape exception rule to allow the LABEL_SELECTOR_KEY env var in cert operator (which was picked up as a plaintext token env var by kubescape)
  • updated github.com/docker/distribution to v2.8.2+incompatible in scheduler

Proof:
https://github.com/keptn/lifecycle-toolkit/actions/runs/5584795645

Fixes:
Fixes #1545
Fixes #1720
Fixes #1695
Fixes #1659
Fixes #1616
Fixes #1576
Fixes #1522
Fixes #1485
Fixes #1442
Fixes #1413
Closes #1564

@mowies
add previously found issues
717125c 
Signed-off-by: Moritz Wiesinger <[email protected]>
@netlify
Copy link

netlify bot commented Jul 18, 2023

Deploy Preview for keptn-lifecycle-toolkit ready!

Name Link
🔨 Latest commit 717125c
🔍 Latest deploy log https://app.netlify.com/sites/keptn-lifecycle-toolkit/deploys/64b6367a096b0a0008bad0f9
😎 Deploy Preview https://deploy-preview-1728--keptn-lifecycle-toolkit.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@codecov
Copy link

codecov bot commented Jul 18, 2023
edited
Loading

Codecov Report

Merging #1728 (8fb55b3) into main (dc3ade0) will increase coverage by 0.30%.
The diff coverage is n/a.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1728      +/-   ##
==========================================
+ Coverage   63.23%   63.54%   +0.30%     
==========================================
  Files         130      143      +13     
  Lines       10219    10909     +690     
==========================================
+ Hits         6462     6932     +470     
- Misses       3548     3716     +168     
- Partials      209      261      +52

see 17 files with indirect coverage changes

Flag Coverage Δ
certificate-operator 68.55% <ø> (?)
component-tests 59.54% <ø> (-0.21%) ⬇️
lifecycle-operator 84.52% <ø> (ø)
metrics-operator 82.26% <ø> (ø)
scheduler 32.12% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@github-actions github-actions bot added the ops label Jul 18, 2023
@sonarcloud
Copy link

sonarcloud bot commented Jul 18, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@mowies mowies marked this pull request as ready for review July 18, 2023 08:01
@mowies mowies requested a review from a team as a code owner July 18, 2023 08:01
@mowies mowies merged commit ea73cd9 into main Jul 18, 2023
@mowies mowies deleted the fix-sec-issues branch July 18, 2023 10:15
@keptn-bot keptn-bot mentioned this pull request Jul 18, 2023
Merged
This was referenced Aug 29, 2023
Closed
Merged
This was referenced Sep 5, 2023
Closed
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RealAnna RealAnna RealAnna approved these changes

@bacherfl bacherfl bacherfl approved these changes

Assignees
No one assigned
Labels
ops scheduler
Projects
None yet
Milestone
No milestone
3 participants
@mowies @bacherfl @RealAnna