Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Introduce gosec for Static Application Security Testing (SAST) #343

Merged
merged 3 commits into from
Feb 14, 2025
Merged

Introduce gosec for Static Application Security Testing (SAST) #343

merged 3 commits into from
Feb 14, 2025

Conversation

aaronfern
Copy link

@aaronfern aaronfern commented Jan 10, 2025
edited
Loading

What this PR does / why we need it:
This PR introduced 2 new make targets - make sast and make sast-report to run gosec for Static Application Security Testing

Which issue(s) this PR fixes:
Fixes partially #331

Special notes for your reviewer:
This PR does not add either of the make targets to any pipeline nor does it address any security vulnerability. This will be taken care in a separate PR as there are quite a few to be resolved.

Release note:

Add `gosec` for Static Application Security Testing (SAST) via `make sast` and `make sast-report`.

@aaronfern aaronfern requested review from unmarshall, rishabh-11 and a team as code owners January 10, 2025 13:08
@gardener-robot gardener-robot added needs/review Needs review size/m Size of pull request is medium (see gardener-robot robot/bots/size.py) labels Jan 10, 2025
@gardener-robot-ci-2 gardener-robot-ci-2 added reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) and removed reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) labels Jan 10, 2025
@gardener-robot-ci-3 gardener-robot-ci-3 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Jan 20, 2025
@gardener-robot-ci-1 gardener-robot-ci-1 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Jan 20, 2025
@gardener-robot-ci-1 gardener-robot-ci-1 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 13, 2025
@gardener-robot-ci-3 gardener-robot-ci-3 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 13, 2025
@gardener-robot-ci-2 gardener-robot-ci-2 added the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 13, 2025
@gardener-robot-ci-1 gardener-robot-ci-1 removed the reviewed/ok-to-test Has approval for testing (check PR in detail before setting this label because PR is run on CI/CD) label Feb 13, 2025
elankath
elankath approved these changes Feb 13, 2025
View reviewed changes
Copy link

@elankath elankath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks

@aaronfern aaronfern merged commit 8556b61 into gardener:machine-controller-manager-provider Feb 14, 2025
10 checks passed
@gardener-robot gardener-robot added the status/closed Issue is closed (either delivered or triaged) label Feb 14, 2025
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@elankath elankath elankath approved these changes

@takoverflow takoverflow takoverflow approved these changes

@unmarshall unmarshall Awaiting requested review from unmarshall unmarshall is a code owner

@rishabh-11 rishabh-11 Awaiting requested review from rishabh-11

Assignees
No one assigned
Labels
needs/ok-to-test Needs approval for testing (check PR in detail before setting this label because PR is run on CI/CD) needs/review Needs review size/m Size of pull request is medium (see gardener-robot robot/bots/size.py) status/closed Issue is closed (either delivered or triaged)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@aaronfern @elankath @takoverflow @gardener-robot-ci-1 @gardener-robot-ci-2 @gardener-robot-ci-3 @gardener-robot