feat: added repolinter github action #76

Closed
wants to merge 1 commit into from


mlorenzoitx

added repolinter github action, requires reuse github action to work

@mlorenzoitx mlorenzoitx requested a review from a team as a code owner April 15, 2024 17:17

Hi there 👋, @DryRunSecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
AppSec Analyzer (beta) 0 findings
Secrets Analyzer (beta) 0 findings
Authn/Authz Analyzer 0 findings
Configured Codepaths Analyzer 0 findings
Sensitive Files Analyzer 0 findings

Note

🟢 Risk threshold not exceeded.

Tip

Get answers to your security questions. Add a comment in this PR starting with @DryRunSecurity. For example...

@dryrunsecurity What are common security issues with web application cookies?

Powered by DryRun Security

"rule": {
"type": "file-not-exists",
"options": {
"globsAll": [
".secrets.baseline",
"sherpa-config.yml",
".snyk",
"sonar-project.properties",

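Review bot: the `globsAll` list of this `file-not-exists` rule names `sonar-project.properties` and `.snyk`, so the rule reports a failure whenever one of those files is present in the repository. If the repository keeps a Sonar configuration at its root, the rule and that file cannot both stay as they are; decide which one wins, adjust the list or the file location accordingly, and record the reason in the PR description so the lint rules and the CI setup do not contradict each other.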

Why do you remove this condition? We need it in this step https://github.com/InditexTech/gh-sherpa/blob/main/.github/workflows/PR-verify.yml#L31.

Author

The condition fails if these files exist; as we are using Sonar, the condition always fails.


Sonar is not working well because you have opened the pull request in a fork. You must open the PR in this repository for Sonar to work correctly.

name: 'Validate master branch with Repolinter'

on:
push:
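Review bot: the `name:` line calls this the "master branch" validation, while the workflow links in this thread point at the `main` branch; rename it to match the branch the job is meant to cover. The lines shown end at `push:`, so also confirm that an explicit `branches:` filter follows it, otherwise the job runs on a push to any ref.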


Could we eliminate the step https://github.com/InditexTech/gh-sherpa/blob/main/.github/workflows/PR-verify.yml#L37 and always run this action on push?

Author

If Sonar also runs in another action, it should be possible.

@jorgegarciarey
Contributor

@mlorenzoitx ,

Currently, this linter is already executed in the PR-verify workflow, so, we don't need to enable this trigger (push to main). Any change is always from a pull request.


3 participants