[analyze] Add Analyzer interface for Gitlab #3232
Conversation
abmussani
force-pushed
the
impl-data-model-gitlab
branch
from
ccc7f7c
to
ca8ac04
Compare
There was a problem hiding this comment.
The code looks good but the test isn't passing. It looks like the gitlab token is expired:
» curl 'https://gitlab.com/api/v4/personal_access_tokens/self' -H "Private-Token: $GITLAB_TOKEN"
{
"error": "invalid_token",
"error_description": "Token is expired. You can either do re-authorization or token refresh."
}
abmussani
force-pushed
the
impl-data-model-gitlab
branch
from
3b5b769
to
051aadf
Compare
to make more unique FullyQualifiedName, Ids are added for resources.
|
@mcastorina I have updated the active |
| Bindings: []analyzers.Binding{}, | ||
| } | ||
|
|
||
| // Add token and it's permissions to bindings |
There was a problem hiding this comment.
Are we sure token should be a resource here? Does the credential we're analyzing grant permission to perform actions on the token?
There was a problem hiding this comment.
Yup, The permission determine what action can be perform using that token.
There was a problem hiding this comment.
Permissions operate on a resource though, so in this case the permissions would describe operations that could be performed on the token itself, which seems wrong to me..
There was a problem hiding this comment.
@mcastorina I had gone through the login. PAT token does belongs to user and we do get userID in response. So, resource can be a User with those permissions. What do you think ?
Description:
This PR implements the analyzer interface for Gitlab.
Checklist:
make test-community)?make lintthis requires golangci-lint)?