Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include gosec in CI pipeline #621

Closed
alegrey91 opened this issue Jul 27, 2022 · 0 comments · Fixed by #622
Closed

Include gosec in CI pipeline #621

alegrey91 opened this issue Jul 27, 2022 · 0 comments · Fixed by #622
Assignees
@alegrey91
Labels
enhancement New feature or request
Milestone
v0.1.3

Comments

@alegrey91
Copy link
Contributor

Describe the feature

gosec is a Golang Security Checker. It inspects source code for security problems by scanning the Go AST.
I would include this in our pipeline.

What would the new user story look like?

A new user comes and wants to contribute to capsule.
He writes some Go code and pushes it to its branch.
At this time, the CI checks for the new code and detects if there are security issues.

Hopefully, the result should be like this:

...
[gosec] 2022/07/27 09:18:16 Checking package: service                                                                                                                                                                                         
[gosec] 2022/07/27 09:18:16 Checking file: capsule/pkg/webhook/service/errors.go                                                                                                                       
[gosec] 2022/07/27 09:18:16 Checking file: capsule/pkg/webhook/service/validating.go                                                                                                                   
[gosec] 2022/07/27 09:18:17 Checking package: utils                                                                                                                                                                                           
[gosec] 2022/07/27 09:18:17 Checking file: capsule/pkg/webhook/utils/error.go                                                                                                                          
[gosec] 2022/07/27 09:18:17 Checking file: capsule/pkg/webhook/utils/in_capsule_groups.go                                                                                                              
[gosec] 2022/07/27 09:18:17 Checking file: capsule/pkg/webhook/utils/is_capsule_user.go                                                                                                                
[gosec] 2022/07/27 09:18:17 Checking file: capsule/pkg/webhook/utils/is_tenant_owner.go                                                                                                                
[gosec] 2022/07/27 09:18:17 Checking file: capsule/pkg/webhook/utils/kubernetes_version.go                                                                                                             
Results:                                                                                                                                                                                                                                      
                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                              
Summary:                                                                                                                                                                                                                                      
  Gosec  : 2.12.0                                                                                                                                                                                                                             
  Files  : 135                                                                                                                                                                                                                                
  Lines  : 9714                                                                                                                                                                                                                               
  Nosec  : 0                                                                                                                                                                                                                                  
  Issues : 0
@alegrey91 alegrey91 added the blocked-needs-validation Issue need triage and validation label Jul 27, 2022
@alegrey91 alegrey91 self-assigned this Jul 27, 2022
@alegrey91 alegrey91 mentioned this issue Jul 27, 2022
Merged
@prometherion prometherion added this to the v0.2.0 milestone Aug 1, 2022
@prometherion prometherion added enhancement New feature or request and removed blocked-needs-validation Issue need triage and validation labels Aug 1, 2022
@prometherion prometherion modified the milestones: v0.2.0, v0.1.3 Dec 2, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alegrey91 alegrey91

Labels
enhancement New feature or request
Projects
None yet
Milestone
v0.1.3
Development

Successfully merging a pull request may close this issue.

ci: add gosec pipeline projectcapsule/capsule
2 participants
@prometherion @alegrey91