Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: disable container app scan with feature flag #4105 #4224

Merged
merged 1 commit into from
Dec 13, 2022
Merged

feat: disable container app scan with feature flag #4105 #4224

merged 1 commit into from
Dec 13, 2022

Conversation

tommyknows
Copy link
Contributor

What does this PR do?

This commit adds a check for the containerCliAppVulnsEnabled feature flag. If neither --exclude-app-vulns nor --app-vulns are set, the feature flag will be used to determine whether app vulnerabilities will be scanned or not.

This commit was merged in #4105 and reverted in #4184 again due to an issue with the global-agent patch.
This PR now builds on top of #4205 instead.

@tommyknows tommyknows requested review from a team as code owners November 30, 2022 17:36
@tommyknows tommyknows marked this pull request as draft November 30, 2022 17:37
@tommyknows tommyknows changed the title draft: feat: disable container app scan with feature flag #4105 feat: disable container app scan with feature flag #4105 Nov 30, 2022
@github-actions
Copy link
Contributor

github-actions bot commented Nov 30, 2022
edited
Loading

Warnings
⚠️

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones.
A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax.
Files found:

  • src/cli/commands/monitor/index.ts
  • src/cli/commands/test/index.ts
  • test/tap/cli-monitor.acceptance.test.ts

Generated by 🚫 dangerJS against b12216d

@tommyknows
feat: disable container app scan with feature flag
b12216d 
This commit adds a check for the `containerCliAppVulnsEnabled` feature
flag. If neither `--exclude-app-vulns` nor `--app-vulns` are set, the
feature flag will be used to determine whether app vulnerabilities will
be scanned or not.
@tommyknows tommyknows force-pushed the feat/app-vulns-featureflag branch from a37699c to b12216d Compare December 2, 2022 09:18
ghost
ghost reviewed Dec 2, 2022
View reviewed changes
test/tap/cli-fail-on-docker.test.ts
Comment on lines +84 to +85
// TODO: we should be able to remove that setting once once we remove the
// containerCliAppVulnsEnabled feature flag has been removed as well.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New TODO comment introduced here:

      // TODO: we should be able to remove that setting once once we remove the
      // containerCliAppVulnsEnabled feature flag has been removed as well.
      // Currently without setting this (or app-vulns), the code tries to reach
      // the API to check the feature flag and throws an exception.

Consider fixing it now or converting it into an issue to raise visibility.

Mention [stepsize] in a comment to create an issue out of this TODO. See examples here.

ghost
ghost reviewed Dec 2, 2022
View reviewed changes
test/tap/cli-fail-on-docker.test.ts
Comment on lines +106 to +107
// TODO: we should be able to remove that setting once once we remove the
// containerCliAppVulnsEnabled feature flag has been removed as well.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

New TODO comment introduced here:

      // TODO: we should be able to remove that setting once once we remove the
      // containerCliAppVulnsEnabled feature flag has been removed as well.
      // Currently without setting this (or app-vulns), the code tries to reach
      // the API to check the feature flag and throws an exception.

Consider fixing it now or converting it into an issue to raise visibility.

Mention [stepsize] in a comment to create an issue out of this TODO. See examples here.

@tommyknows tommyknows marked this pull request as ready for review December 2, 2022 09:19
michelkaporin
michelkaporin approved these changes Dec 2, 2022
View reviewed changes
Copy link
Contributor

@michelkaporin michelkaporin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great 👍

@tommyknows tommyknows merged commit 6a26463 into master Dec 13, 2022
@tommyknows tommyknows deleted the feat/app-vulns-featureflag branch December 13, 2022 12:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orsagie orsagie orsagie approved these changes

@michelkaporin michelkaporin michelkaporin approved these changes

@rossmcewan rossmcewan Awaiting requested review from rossmcewan rossmcewan was automatically assigned from snyk/snyk-open-source

@admons admons Awaiting requested review from admons admons was automatically assigned from snyk/snyk-open-source

@dotkas dotkas Awaiting requested review from dotkas dotkas was automatically assigned from snyk/snyk-open-source

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tommyknows @michelkaporin @orsagie