Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable the public version of CredScan in our Aggregate Reports pipeline #2056

Closed
kurtzeborn opened this issue Nov 23, 2020 · 5 comments
Closed

Enable the public version of CredScan in our Aggregate Reports pipeline #2056

kurtzeborn opened this issue Nov 23, 2020 · 5 comments
Assignees
@sima-zhu
Labels
Central-EngSys This issue is owned by the Engineering System team.

Comments

@kurtzeborn
Copy link
Member

Follow up on details described in this incident: https://portal.microsofticm.com/imp/v3/incidents/details/214723367/home
@kurtzeborn kurtzeborn added the Central-EngSys This issue is owned by the Engineering System team. label Nov 23, 2020
@kurtzeborn kurtzeborn assigned sima-zhu and unassigned danieljurek Jan 4, 2021
@kurtzeborn
Copy link
Member Author

@weshaggard already has a pipeline he runs manually in this way. What's needed with this issue:

  1. Schedule the pipeline regularly
    1. Or (better) integrate it into the aggregate reports pipeline that already exists and runs regularly
  2. Have it generate delta reports of new secrets that it finds
  3. Alert the appropriate language repo owners for follow up
    1. This could be done with an email or by opening issues automatically

@sima-zhu
Copy link
Contributor

sima-zhu commented Jan 4, 2021

Looking

@sima-zhu
Copy link
Contributor

sima-zhu commented Jan 8, 2021

https://dev.azure.com/azure-sdk/internal/_build?definitionId=1949

Here is the manual run pipeline

@sima-zhu
Copy link
Contributor

sima-zhu commented Jan 8, 2021

Will work on adding CredScan step at aggregate-report first.

@sima-zhu
Copy link
Contributor

Python, JS, .net have PR ready to merge.

Java is blocking by Guardian team fix deployment. Will start working on the PR once the deployment succeed.

Java:Azure/azure-sdk-for-java#18505
Python:Azure/azure-sdk-for-python#16136
.NET: Azure/azure-sdk-for-net#17944
JS: Azure/azure-sdk-for-js#13200

@kurtzeborn kurtzeborn changed the title Enable the public version of CredScan in our PR and CI pipelines Enable the public version of CredScan in our Aggregate Reports pipeline Apr 15, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sima-zhu sima-zhu

Labels
Central-EngSys This issue is owned by the Engineering System team.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@danieljurek @kurtzeborn @sima-zhu