Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure Mend for GitHub.com #14043

Merged
merged 1 commit into from
Jun 11, 2024
Merged

Configure Mend for GitHub.com #14043

merged 1 commit into from
Jun 11, 2024

Conversation

mend-for-github-com[bot]
Copy link
Contributor

Welcome to Mend for GitHub.com (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities.

🚦 Mend for GitHub.com will start scanning your repository only once you merge this Pull Request. To disable Mend for GitHub.com, simply close this Pull Request.

What to Expect

This PR contains a '.whitesource' configuration file which can be customized to your needs. If no changes were applied to this file, Mend for GitHub.com will use the default configuration.

Before merging this PR, Make sure the Issues tab is enabled. Once you merge this PR, Mend for GitHub.com will scan your repository and create a GitHub Issue for every vulnerability detected in your repository.

If you do not want a GitHub Issue to be created for each detected vulnerability, you can edit the '.whitesource' file and set the 'minSeverityLevel' parameter to 'NONE'.

If Mend Remediate Workflow Rules are set on your repository (from the Mend 'Integrate' tab), Mend will also generate a fix Pull Request for relevant vulnerabilities.

❓ Got questions? Check out Mend for GitHub.com docs.
If you need any further assistance then you can also request help here.

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 6, 2024

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@dblock
Copy link
Member

dblock commented Jun 7, 2024

@prudhvigodithi Do we know what triggered this? Do we need it?

@prudhvigodithi
Copy link
Contributor

Hey @dblock from my observation the .whitesource file should be present for the Mend for GitHub.com app part of the opensearch-project org, seen this file part of few repos. Also I have added this for the metrics repo that was onboarded recently https://github.com/opensearch-project/opensearch-metrics/blob/main/.whitesource. Not sure why this was missed in the core repo. I'm ok to get this merged.
Adding @zelinh @getsaurabh02 @peterzhuamazon

@prudhvigodithi
Copy link
Contributor

There are few PR's manually closed in past #9829, #7207.

@github-actions GitHub Actions
Copy link
Contributor

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@github-actions GitHub Actions
Copy link
Contributor

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

zelinh
zelinh approved these changes Jun 10, 2024
View reviewed changes
Copy link
Member

@zelinh zelinh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The reason we didn't add it before is that Mend was not scanning core repo completely and correctly. We contacted their support and seems like some issues on their side to build the project to detect dependencies and CVEs.

Not sure whether they fixed it but I'm good to approve this and see how it goes.

@github-actions GitHub Actions
Copy link
Contributor

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@github-actions GitHub Actions
Copy link
Contributor

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@github-actions GitHub Actions
Copy link
Contributor

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

@dblock
Copy link
Member

dblock commented Jun 11, 2024

❌ Gradle check result for d9c0aa0: FAILURE

Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green. Is the failure a flaky test unrelated to your change?

org.opensearch.remotemigration.RemoteReplicaRecoveryIT.testReplicaRecovery

#13473

@github-actions GitHub Actions
Copy link
Contributor

✅ Gradle check result for d9c0aa0: SUCCESS

@dblock dblock added the backport 2.x Backport to 2.x branch label Jun 11, 2024
@dblock dblock merged commit cc98dbe into main Jun 11, 2024
59 of 60 checks passed
@mend-for-github-com mend-for-github-com bot deleted the whitesource/configure branch June 11, 2024 14:46
opensearch-trigger-bot bot pushed a commit that referenced this pull request Jun 11, 2024
@github-actions @mend-for-github-com
Add .whitesource configuration file (#14043)
698c983 
Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
(cherry picked from commit cc98dbe)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request Jun 11, 2024
Merged
reta pushed a commit that referenced this pull request Jun 11, 2024
@opensearch-trigger-bot @github-actions @mend-for-github-com
Add .whitesource configuration file (#14043) (#14178)
96c6d74 
(cherry picked from commit cc98dbe)

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
This was referenced Jun 13, 2024
Open
Open
Open
Open
Open
@finnegancarroll finnegancarroll mentioned this pull request Jun 14, 2024
Merged
3 tasks
@prudhvigodithi prudhvigodithi mentioned this pull request Jun 14, 2024
Closed
kkewwei pushed a commit to kkewwei/OpenSearch that referenced this pull request Jul 24, 2024
@opensearch-trigger-bot @github-actions
@mend-for-github-com @kkewwei
Add .whitesource configuration file (opensearch-project#14043) (opens…
66e9270 
…earch-project#14178)

(cherry picked from commit cc98dbe)

Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
Signed-off-by: kkewwei <[email protected]>
wdongyu pushed a commit to wdongyu/OpenSearch that referenced this pull request Aug 22, 2024
@mend-for-github-com
Add .whitesource configuration file (opensearch-project#14043)
51d8176 
Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dblock dblock dblock approved these changes

@prudhvigodithi prudhvigodithi prudhvigodithi approved these changes

@zelinh zelinh zelinh approved these changes

@anasalkouz anasalkouz Awaiting requested review from anasalkouz anasalkouz is a code owner

@andrross andrross Awaiting requested review from andrross andrross is a code owner

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar Bukhtawar is a code owner

@CEHENKLE CEHENKLE Awaiting requested review from CEHENKLE CEHENKLE is a code owner

@dbwiddis dbwiddis Awaiting requested review from dbwiddis dbwiddis is a code owner

@dreamer-89 dreamer-89 Awaiting requested review from dreamer-89

@gbbafna gbbafna Awaiting requested review from gbbafna gbbafna is a code owner

@kotwanikunal kotwanikunal Awaiting requested review from kotwanikunal kotwanikunal is a code owner

@mch2 mch2 Awaiting requested review from mch2 mch2 is a code owner

@msfroh msfroh Awaiting requested review from msfroh msfroh is a code owner

@nknize nknize Awaiting requested review from nknize nknize is a code owner

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19 owaiskazi19 is a code owner

@reta reta Awaiting requested review from reta reta is a code owner

@Rishikesh1159 Rishikesh1159 Awaiting requested review from Rishikesh1159 Rishikesh1159 is a code owner

@sachinpkale sachinpkale Awaiting requested review from sachinpkale sachinpkale is a code owner

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@shwetathareja shwetathareja Awaiting requested review from shwetathareja shwetathareja is a code owner

@sohami sohami Awaiting requested review from sohami sohami is a code owner

@tlfeng tlfeng Awaiting requested review from tlfeng

@VachaShah VachaShah Awaiting requested review from VachaShah VachaShah is a code owner

Assignees
No one assigned
Labels
backport 2.x Backport to 2.x branch skip-changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dblock @prudhvigodithi @zelinh