Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AERIE-2025] Reformat scanning artifacts with nasa-scrub #342

Merged
merged 1 commit into from Sep 26, 2022
Merged

[AERIE-2025] Reformat scanning artifacts with nasa-scrub #342

merged 1 commit into from Sep 26, 2022

Conversation

skovati
Copy link
Contributor

@skovati skovati commented Sep 26, 2022

  • Tickets addressed: AERIE-2025
  • Review: By commit
  • Merge strategy: Merge (no squash)

Description

Uses the utilities provided by nasa-scrub to copy the CodeQL results from the sarif format to the scrub format. This is done so internal NASA pipelines can read our security scanning artifacts.

Verification

Ran manually using act.

Documentation

N/A

Future work

Update other aerie repos (ui, gateway, etc) with this change.

@skovati
Add nasa-scrub conversion utilties
55b040d 
This is done so we can output CodeQL scanning results in both the SARIF
format that Github can read, and the SCRUB format that internal NASA
pipelines can read.
@skovati skovati requested a review from a team as a code owner September 26, 2022 16:50
@skovati skovati temporarily deployed to e2e-test September 26, 2022 16:50 Inactive
camargo
camargo approved these changes Sep 26, 2022
View reviewed changes
Copy link
Member

@camargo camargo left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Verified the scrub file is included in the artifacts. LGTM!

@skovati skovati merged commit 55e5db0 into develop Sep 26, 2022
@skovati skovati deleted the feature/AERIE-2025--ci-nasa-scrub branch September 26, 2022 17:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@camargo camargo camargo approved these changes

@patkenneally patkenneally patkenneally approved these changes

@mattdailis mattdailis mattdailis approved these changes

@pcrosemurgy pcrosemurgy Awaiting requested review from pcrosemurgy pcrosemurgy is a code owner automatically assigned from NASA-AMMOS/aerie-backend

Assignees

@skovati skovati

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@skovati @camargo @patkenneally @mattdailis