From ca0137abc9ee6ec3e1e24a26a98d575e62dcfee2 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Mon, 9 Sep 2024 11:40:03 -0400
Subject: [PATCH 01/13] BST-12075 Latest Checkov Processor (#158)
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/checkov-tf-plan/module.yaml | 2 +-
 scanners/boostsecurityio/checkov/module.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/scanners/boostsecurityio/checkov-tf-plan/module.yaml b/scanners/boostsecurityio/checkov-tf-plan/module.yaml
index 409f680a..e78957fe 100644
--- a/scanners/boostsecurityio/checkov-tf-plan/module.yaml
+++ b/scanners/boostsecurityio/checkov-tf-plan/module.yaml
@@ -20,5 +20,5 @@ steps:
 format: sarif
 post-processor:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:d72b4bd@sha256:c9b2ca5609b84093fe845e47149906e9d60d41152b54579f57f5336995db428e
+ image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ac8e2c1@sha256:fa3e9a44fb60e796066272928cc223fa46fa8a242f4a5bf885f73f2d678e1412
 command: process
diff --git a/scanners/boostsecurityio/checkov/module.yaml b/scanners/boostsecurityio/checkov/module.yaml
index c984721b..f4af8c02 100644
--- a/scanners/boostsecurityio/checkov/module.yaml
+++ b/scanners/boostsecurityio/checkov/module.yaml
@@ -20,5 +20,5 @@ steps:
 format: sarif
 post-processor:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:d72b4bd@sha256:c9b2ca5609b84093fe845e47149906e9d60d41152b54579f57f5336995db428e
+ image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ac8e2c1@sha256:fa3e9a44fb60e796066272928cc223fa46fa8a242f4a5bf885f73f2d678e1412
 command: process
From e3007a934d626eb26525f707f5e3713c0091f763 Mon Sep 17 00:00:00 2001
From: Olivier Leduc
Date: Tue, 10 Sep 2024 09:57:41 -0400
Subject: [PATCH 02/13] BST-12323: rename gitleaks validate secret env var (#169)
---
 scanners/boostsecurityio/gitleaks-full/module.yaml | 2 +-
 scanners/boostsecurityio/gitleaks/module.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/scanners/boostsecurityio/gitleaks-full/module.yaml b/scanners/boostsecurityio/gitleaks-full/module.yaml
index 6e9ef7b6..7964cc0f 100644
--- a/scanners/boostsecurityio/gitleaks-full/module.yaml
+++ b/scanners/boostsecurityio/gitleaks-full/module.yaml
@@ -70,4 +70,4 @@ steps:
 command: process --gitleaks-full
 image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:6524873@sha256:f9310e1e1856d75c217d828350f9be0bfbde0c374cbaad5d00a2438965611281
 environment:
- VALIDATE_SECRET: ${BOOST_VALIDATE_SECRET:-}
+ VALIDATE_SECRET: ${GITLEAKS_VALIDATE_SECRETS:-}
diff --git a/scanners/boostsecurityio/gitleaks/module.yaml b/scanners/boostsecurityio/gitleaks/module.yaml
index a2bad203..cb88949a 100644
--- a/scanners/boostsecurityio/gitleaks/module.yaml
+++ b/scanners/boostsecurityio/gitleaks/module.yaml
@@ -69,4 +69,4 @@ steps:
 command: process
 image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:6524873@sha256:f9310e1e1856d75c217d828350f9be0bfbde0c374cbaad5d00a2438965611281
 environment:
- VALIDATE_SECRET: ${BOOST_VALIDATE_SECRET:-}
+ VALIDATE_SECRET: ${GITLEAKS_VALIDATE_SECRETS:-}
From 805f0d2c85c65645206565a6d1e0142df376a421 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Tue, 10 Sep 2024 13:55:33 -0400
Subject: [PATCH 03/13] BST-12576 Fix Checkov Parsing (#171)
---
 scanners/boostsecurityio/checkov-tf-plan/module.yaml | 2 +-
 scanners/boostsecurityio/checkov/module.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/scanners/boostsecurityio/checkov-tf-plan/module.yaml b/scanners/boostsecurityio/checkov-tf-plan/module.yaml
index e78957fe..24592324 100644
--- a/scanners/boostsecurityio/checkov-tf-plan/module.yaml
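Review bot: The rename in patch 02/13 (the `environment:` block of both gitleaks-full/module.yaml and gitleaks/module.yaml) drops `BOOST_VALIDATE_SECRET` with no fallback, so a pipeline that still exports the old name now passes an empty `VALIDATE_SECRET` to the keyscope post-processor without any warning. Patch 04/13 in this series re-enables secret validation by default, so a user who had set the old variable to turn validation off would presumably have it switched back on, and detected credentials would again be checked against their providers. If the runner's expansion supports nested defaults, keep the old name working for a deprecation period with `VALIDATE_SECRET: ${GITLEAKS_VALIDATE_SECRETS:-${BOOST_VALIDATE_SECRET:-}}`; otherwise call the rename out in the release notes. A comment above the line such as `# host variable is GITLEAKS_VALIDATE_SECRETS (plural); the container reads VALIDATE_SECRET (singular)` would also guard against the easy singular/plural mix-up.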
+++ b/scanners/boostsecurityio/checkov-tf-plan/module.yaml
@@ -20,5 +20,5 @@ steps:
 format: sarif
 post-processor:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ac8e2c1@sha256:fa3e9a44fb60e796066272928cc223fa46fa8a242f4a5bf885f73f2d678e1412
+ image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ec4f3d2@sha256:8fdf1b3eb4fb7ade9fe618e586a0d4f8d6fe316d390a1c28ead8812e7a388e93
 command: process
diff --git a/scanners/boostsecurityio/checkov/module.yaml b/scanners/boostsecurityio/checkov/module.yaml
index f4af8c02..144ba9b5 100644
--- a/scanners/boostsecurityio/checkov/module.yaml
+++ b/scanners/boostsecurityio/checkov/module.yaml
@@ -20,5 +20,5 @@ steps:
 format: sarif
 post-processor:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ac8e2c1@sha256:fa3e9a44fb60e796066272928cc223fa46fa8a242f4a5bf885f73f2d678e1412
+ image: public.ecr.aws/boostsecurityio/boost-scanner-checkov:ec4f3d2@sha256:8fdf1b3eb4fb7ade9fe618e586a0d4f8d6fe316d390a1c28ead8812e7a388e93
 command: process
From 20eac5b07d63a2dd9b2b2a9eadffbfa68c88d938 Mon Sep 17 00:00:00 2001
From: Olivier Leduc
Date: Wed, 11 Sep 2024 14:44:56 -0400
Subject: [PATCH 04/13] BST-12323: reenable validating secrets by default in gitleaks (#172)
---
 scanners/boostsecurityio/gitleaks-full/module.yaml | 2 +-
 scanners/boostsecurityio/gitleaks/module.yaml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/scanners/boostsecurityio/gitleaks-full/module.yaml b/scanners/boostsecurityio/gitleaks-full/module.yaml
index 7964cc0f..e5948e5c 100644
--- a/scanners/boostsecurityio/gitleaks-full/module.yaml
+++ b/scanners/boostsecurityio/gitleaks-full/module.yaml
@@ -68,6 +68,6 @@ steps:
 image: public.ecr.aws/boostsecurityio/boost-scanner-gitleaks:a13a131@sha256:97321d82da1b4adfbc1cd7fddb23a2ef57b8f9c2db0ccbc007f15f7adefb0086
 - docker:
 command: process --gitleaks-full
- image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:6524873@sha256:f9310e1e1856d75c217d828350f9be0bfbde0c374cbaad5d00a2438965611281
+ image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:458e3dd@sha256:6b611b085271e2c8ed15590f536fd4a29221a11752ef7525bbb60be9ad241902
 environment:
 VALIDATE_SECRET: ${GITLEAKS_VALIDATE_SECRETS:-}
diff --git a/scanners/boostsecurityio/gitleaks/module.yaml b/scanners/boostsecurityio/gitleaks/module.yaml
index cb88949a..8a4848ba 100644
--- a/scanners/boostsecurityio/gitleaks/module.yaml
+++ b/scanners/boostsecurityio/gitleaks/module.yaml
@@ -67,6 +67,6 @@ steps:
 image: public.ecr.aws/boostsecurityio/boost-scanner-gitleaks:a13a131@sha256:97321d82da1b4adfbc1cd7fddb23a2ef57b8f9c2db0ccbc007f15f7adefb0086
 - docker:
 command: process
- image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:6524873@sha256:f9310e1e1856d75c217d828350f9be0bfbde0c374cbaad5d00a2438965611281
+ image: public.ecr.aws/boostsecurityio/boost-scanner-keyscope:458e3dd@sha256:6b611b085271e2c8ed15590f536fd4a29221a11752ef7525bbb60be9ad241902
 environment:
 VALIDATE_SECRET: ${GITLEAKS_VALIDATE_SECRETS:-}
From ab3c4dc715ad94122f3ca09bdc4e145e75c422d0 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Thu, 12 Sep 2024 17:47:13 -0400
Subject: [PATCH 05/13] latest composition
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index f32d68c5..6da1e6e5 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:a1de55b@sha256:f1434e36f783eafc48797c09bf0a56fc980f85d82f70374dce27be7e1b6e176d
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:f46cb11@sha256:8234bfc7a0a81b3d9133055763e4202b87f967c93e9d7568ee63949c4d2b82c1
 command: scan
 workdir: /src
 environment:
From ce708e1d3d08212670d4f380d9177d011703c5ae Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 11:08:59 -0400
Subject: [PATCH 06/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index 6da1e6e5..5e420923 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:f46cb11@sha256:8234bfc7a0a81b3d9133055763e4202b87f967c93e9d7568ee63949c4d2b82c1
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:2a4dd4a@sha256:f21f6691827f40d3761c6f9575beeebf4a1641b3546c18ecb35677ddadde16e8
 command: scan
 workdir: /src
 environment:
From 763c0ab5d54da511d20a3cde7c4a511f4829d0e7 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 12:19:42 -0400
Subject: [PATCH 07/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index 5e420923..ae5f96f9 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:2a4dd4a@sha256:f21f6691827f40d3761c6f9575beeebf4a1641b3546c18ecb35677ddadde16e8
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:72d444e@sha256:bb2a080a84dcf09fe1cda2925e2162226fe421e6d14283dc5aebc37ce83626c8
 command: scan
 workdir: /src
 environment:
From acdb740c835b87309b5c079b90ba53f2ac09d479 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 12:40:07 -0400
Subject: [PATCH 08/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index ae5f96f9..67966417 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:72d444e@sha256:bb2a080a84dcf09fe1cda2925e2162226fe421e6d14283dc5aebc37ce83626c8
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:6a27868@sha256:c8603dd77e7fde2d150291fe725f2973b37140091c375bef478e00c2f190b389
 command: scan
 workdir: /src
 environment:
From eb733c359bd388dbbaec2cb7736345b325dbd39a Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 13:51:43 -0400
Subject: [PATCH 09/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index 67966417..93935fe2 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:6a27868@sha256:c8603dd77e7fde2d150291fe725f2973b37140091c375bef478e00c2f190b389
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:c0c7259@sha256:09bb0d5b14b7c882072f958428548bc06062758a8f3d93ac3f78d441304b0c78
 command: scan
 workdir: /src
 environment:
From ddf848da361b0236e06e064577c8c4557d855ca0 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 14:42:35 -0400
Subject: [PATCH 10/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index 93935fe2..76eac949 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:c0c7259@sha256:09bb0d5b14b7c882072f958428548bc06062758a8f3d93ac3f78d441304b0c78
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:145be01@sha256:64007c2183f7c246a2c6801c68a422c9fe99db22348b12bd189bc830d8258fd0
 command: scan
 workdir: /src
 environment:
From 0fdb1698fad722af676fa115ec9adc3347fdf93d Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Fri, 13 Sep 2024 14:54:29 -0400
Subject: [PATCH 11/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index 76eac949..b45875a6 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:145be01@sha256:64007c2183f7c246a2c6801c68a422c9fe99db22348b12bd189bc830d8258fd0
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:a98d273@sha256:5934bc563f366140a110cebcee945651be65ba53265ef731fa14a2d0f3c53fcf
 command: scan
 workdir: /src
 environment:
From 11431230a49f6a556cde70c831fd49dc0d72b0f0 Mon Sep 17 00:00:00 2001
From: Alexis-Maurer Fortin
Date: Sat, 21 Sep 2024 15:03:19 -0400
Subject: [PATCH 12/13] Update module.yaml
Signed-off-by: Alexis-Maurer Fortin
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index b45875a6..d1fb6755 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:a98d273@sha256:5934bc563f366140a110cebcee945651be65ba53265ef731fa14a2d0f3c53fcf
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:78d14c5@sha256:e0664d56df4f2ce7bb8b6569cf88f0b52234a07823bb59576e5a46370931d333
 command: scan
 workdir: /src
 environment:
From cb299b8476225f945d2e3ee6478f1fff75f77cb3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Proulx?= <76956526+fproulx-boostsecurity@users.noreply.github.com>
Date: Tue, 24 Sep 2024 10:00:20 -0400
Subject: [PATCH 13/13] Update module.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: François Proulx <76956526+fproulx-boostsecurity@users.noreply.github.com>
---
 scanners/boostsecurityio/composition/module.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scanners/boostsecurityio/composition/module.yaml b/scanners/boostsecurityio/composition/module.yaml
index d1fb6755..835d9d17 100644
--- a/scanners/boostsecurityio/composition/module.yaml
+++ b/scanners/boostsecurityio/composition/module.yaml
@@ -16,7 +16,7 @@ steps:
 format: metadata
 command:
 docker:
- image: public.ecr.aws/boostsecurityio/boost-scanner-composition:78d14c5@sha256:e0664d56df4f2ce7bb8b6569cf88f0b52234a07823bb59576e5a46370931d333
+ image: public.ecr.aws/boostsecurityio/boost-scanner-composition:7704de1@sha256:bc554abe4a0e290cb1ca890ec4956c2cad94e3b286d65fe1f8f18b498a500947
 command: scan
 workdir: /src
 environment: