Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PYIC-6710: exclude secrets from process cri callback #2037

Draft
wants to merge 20 commits into
base: main
Choose a base branch
from
Draft

PYIC-6710: exclude secrets from process cri callback #2037

wants to merge 20 commits into from

Conversation

thebauSoftwire
Copy link
Contributor

@thebauSoftwire thebauSoftwire commented Jun 19, 2024
edited by jira bot
Loading

Proposed changes

What changed

  • excluding secrets from process-cri-callback

Why did it change

The .secrets.baseline file was being updated with new secrets every time a "secret" was detected. Instead, we should use rules to avoid false positives being added to the baseline. This means we'll have less conflicts as the only changes made to the baseline should be if the filters are updated.

Issue tracking

@thebauSoftwire thebauSoftwire requested review from a team as code owners June 19, 2024 14:17
@thebauSoftwire thebauSoftwire marked this pull request as draft June 19, 2024 16:17
@thebauSoftwire thebauSoftwire force-pushed the PYIC-6710-remove-secrets-in-contract-tests branch from 23d2c17 to 52ad495 Compare June 20, 2024 14:27
@thebauSoftwire
PYIC-6710: exclude test-secret and dummyapikey + exclude specific dum…
4d3aed1 
…my siganture
@thebauSoftwire
PYIC-none: exclude x-api-key
6f2e7d8
@thebauSoftwire
PYIC-6710: exclude dummy body
5d28d08
@thebauSoftwire
PYIC-6710: exclude common signing key
37d1189
@thebauSoftwire
PYIC-6710: remove unnecessary inline exclusion
80a3c60
@thebauSoftwire
PYIC-6710: remove f2fCri contract test secrets
befc04f
@thebauSoftwire
PYIC-6710: remove addressCri contract test secrets
ce5face
@thebauSoftwire
PYIC-6710: remove bavCri contract test secrets
4496b85
@thebauSoftwire
PYIC-6710: remove cicCri contract test secrets
06b5022
@thebauSoftwire
PYIC-6710: remove dcmawCri contract test secrets
d83e847
@thebauSoftwire
PYIC-6710: remove experianKbvCri contract test secrets
9f97880
@thebauSoftwire
PYIC-6710: remove hmrcKbvCri contract test secrets
07e2e37
@thebauSoftwire
PYIC-6710: remove ninoCri contract test secrets
6adbd39
@thebauSoftwire
PYIC-6710: remove processCriCallback drivingLicenceCri credential test
4b27466
@thebauSoftwire
PYIC-6710: remove processCriCallback drivingLicenceCri token test sec…
44ae02b 
…rets
@thebauSoftwire
PYIC-6710: remove processCriCallback fraudCri credential test secrets
3e05afc
@thebauSoftwire
PYIC-6710: remove processCriCallback fraudCri token test secrets
57d945d
@thebauSoftwire
PYIC-6710: remove processCriCallback passportCri credential+token tes…
27116dc 
…t secrets
@thebauSoftwire
PYIC-6710: exclude remaining process-cri-callback secrets
4ef2323
@thebauSoftwire thebauSoftwire force-pushed the PYIC-6710-exclude-secrets-from-process-cri-callback branch from 6b4f4e5 to 4ef2323 Compare June 20, 2024 14:55
@thebauSoftwire thebauSoftwire changed the base branch from PYIC-6710-remove-secrets-in-contract-tests to PYIC-6710 June 20, 2024 14:56
thebauSoftwire
thebauSoftwire commented Jun 20, 2024
View reviewed changes
.secrets.baseline
@@ -115,7 +115,8 @@
"pattern": [
"(?i)dummyapikey",
"(?i)test-secret",
"^x-api-key$"
"^x-api-key$",
"^1f9d73167e2166b707c6$"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment as here: #2036 (comment)

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jun 20, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sam803
sam803 previously approved these changes Jun 21, 2024
View reviewed changes
Base automatically changed from PYIC-6710 to main June 24, 2024 11:20
@DanCorderIPV DanCorderIPV dismissed sam803’s stale review June 24, 2024 11:20

The base branch was changed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sam803 sam803 sam803 left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@thebauSoftwire @sam803