Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added some additional, automated secrets maskers #2959

Merged
merged 8 commits into from
May 11, 2020
Merged

Added some additional, automated secrets maskers #2959

merged 8 commits into from
May 11, 2020

Conversation

vtbassmatt
Copy link
Member

No description provided.

@vtbassmatt vtbassmatt changed the title Add some additional secrets masking Added some additional, automated secrets maskers May 4, 2020
@vtbassmatt
Copy link
Member Author

@mjroghelia @damccorm do you see any issues with this?

damccorm
damccorm approved these changes May 11, 2020
View reviewed changes
Copy link

@damccorm damccorm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In general, this seems fine to me. What's our plan for bugs that come up in this area? Do we send them back to the credscan folks and then somehow consume their fixes?

@vtbassmatt
Copy link
Member Author

@damccorm yeah if anything here becomes problematic for us, we have a few levers to pull:

  • an individual customer can disable with AZP_USE_CREDSCAN_REGEXES=false as an env var (the HostContext can't use runtime variables as knob sources for some reason)
  • we can update the "exclude patterns by name" list in CredScanPatternExtractor.cs
  • and of course, we can always ask the CredScan folks for a fix

@vtbassmatt vtbassmatt merged commit 9d7ee2e into master May 11, 2020
@vtbassmatt vtbassmatt deleted the new-regexes branch May 11, 2020 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjroghelia mjroghelia mjroghelia approved these changes

@damccorm damccorm damccorm approved these changes

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@vtbassmatt @mjroghelia @damccorm