-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(secrets): Change s3 path for enriched secrets upload #4275
Conversation
.flake8
Outdated
@@ -3,7 +3,7 @@ | |||
[flake8] | |||
max-line-length = 120 | |||
# E203,E501 don't work with black together | |||
ignore = E203,E501,E731,W293,W503,W504,DUO107,DUO104,DUO130,DUO109,DUO116,B028,B950,TC001,TC003,TC006 | |||
ignore = E203,E501,E731,W293,W503,W504,DUO107,DUO104,DUO130,DUO109,DUO116,B028,B950,TC001,TC003,TC006,B907 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
funny they changed B907
finding to opinionated now 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there is a chance you will need to remove this change, when we merge #4274 tomorrow
.flake8
Outdated
@@ -3,7 +3,7 @@ | |||
[flake8] | |||
max-line-length = 120 | |||
# E203,E501 don't work with black together | |||
ignore = E203,E501,E731,W293,W503,W504,DUO107,DUO104,DUO130,DUO109,DUO116,B028,B950,TC001,TC003,TC006 | |||
ignore = E203,E501,E731,W293,W503,W504,DUO107,DUO104,DUO130,DUO109,DUO116,B028,B950,TC001,TC003,TC006,B907 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
there is a chance you will need to remove this change, when we merge #4274 tomorrow
' enabled it via env var CKV_VALIDATE_SECRETS and provide an api key') | ||
return None | ||
|
||
base_path = re.sub(r'checkov/(.*?)/src', r'original_secrets/\1', self.repo_path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can you just move it r'checkov/(.*?)/src'
up to global with a re.compile()
then linters can also pick it up better
…o#4275) * change enriched secrets upload path * not persisting enriched secrets if not eligible for secrets verifier * remove unused import * ignore B907 * change path * use re.sub * remove unnecessary regex groups * retry mechanism for upload * remove unused import * increasing sleep * move repo path pattern to const Co-authored-by: Eliran Turgeman <elturgeman@paloaltonetworks.com>
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Description
Dependent changes has to be merged before merging this PR
Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.
Fixes # (issue)
New/Edited policies (Delete if not relevant)
Description
Include a description of what makes it a violation and any relevant external links.
Fix
How does someone fix the issue in code and/or in runtime?
Checklist: