Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address secure code analysis alerts #303

Merged
merged 3 commits into from
Nov 1, 2023
Merged

Address secure code analysis alerts #303

merged 3 commits into from
Nov 1, 2023

Conversation

dms1981
Copy link
Contributor

@dms1981 dms1981 commented Nov 1, 2023

  • Allow unit-test to use AWS managed KMS key
  • Scope permissions for documentation workflow
  • Add exclude for unused declarations to keep locals.tf consistent across repositories

@dms1981 dms1981 requested a review from a team as a code owner November 1, 2023 10:51
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 1, 2023

TFSEC Scan Success

Show Output 
*****************************

TFSEC will check the following folders:
.

*****************************

Running TFSEC in .
Excluding the following checks: AWS089, AWS099, AWS009, AWS097, AWS018

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available 
for the time being, although our engineering 
attention will be directed at Trivy going forward.

You can read more here: 
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
  timings
  ──────────────────────────────────────────
  disk i/o             130.703µs
  parsing              17.312318ms
  adaptation           702.509µs
  checks               16.177704ms
  total                34.323234ms

  counts
  ──────────────────────────────────────────
  modules downloaded   0
  modules processed    1
  blocks processed     48
  files read           4

  results
  ──────────────────────────────────────────
  passed               6
  ignored              4
  critical             0
  high                 0
  medium               0
  low                  0


No problems detected!

tfsec_exitcode=0

Checkov Scan Success

Show Output 
*****************************

Checkov will check the following folders:
.

*****************************

Running Checkov in .
Excluding the following checks: CKV_GIT_1
terraform scan results:

Passed checks: 140, Failed checks: 0, Skipped checks: 30

github_actions scan results:

Passed checks: 176, Failed checks: 0, Skipped checks: 0


checkov_exitcode=0

CTFLint Scan Success

Show Output 
*****************************

Setting default tflint config...
Running tflint --init...
Installing `terraform` plugin...
Installed `terraform` (source: github.com/terraform-linters/tflint-ruleset-terraform, version: 0.2.1)
tflint will check the following folders:
.

*****************************

Running tflint in .
Excluding the following checks: terraform_unused_declarations
tflint_exitcode=0

SteveLinden
SteveLinden approved these changes Nov 1, 2023
View reviewed changes
Copy link
Contributor

@SteveLinden SteveLinden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks OK to me

@dms1981 dms1981 merged commit ffe6c2d into main Nov 1, 2023
@dms1981 dms1981 deleted the fix/secure-code-analysis branch November 1, 2023 10:59
@dms1981 dms1981 mentioned this pull request Nov 1, 2023
Closed
31 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SteveLinden SteveLinden SteveLinden approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dms1981 @SteveLinden