Introduce gosec for security checks #2506
Conversation
/test e2e-aws-scaleup-rhel7
Do you have an example of what kind of security flaws this script highlights on this repo's master? I would like to avoid yet another And if there is an effort to bring this check into all OpenShift repos, I would expect this to be backed by an enhancement.
gosec does static code analysis and checks for common security issues in golang codebases. This PR introduces a script that will run gosec similarly to other check tools.
I switched the configuration to only highlight critical security flaws with high confidence (as opposed to the previous attempt, which was medium flaws with medium confidence). With this configuration, the tool doesn't find any issues in the codebase (which is good!). Here's the output:
There is no PR in the enhancements repo as of yet.
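As an added illustration of the configuration described above (this is not the PR's own script; the file name `hack/verify-gosec.sh` and the `vendor` exclusion are assumptions), a check script that runs gosec the way the comment describes, reporting only high-severity, high-confidence findings, with the thresholds overridable through the environment:

```shell
#!/usr/bin/env bash
# hack/verify-gosec.sh (hypothetical name): run gosec like the repo's other
# check scripts, failing the check only on high-severity, high-confidence
# findings. The earlier attempt used medium/medium, which is noisier.
set -eu

# Thresholds from the PR discussion; override via environment if needed.
GOSEC_SEVERITY="${GOSEC_SEVERITY:-high}"
GOSEC_CONFIDENCE="${GOSEC_CONFIDENCE:-high}"
GOSEC_FORMAT="${GOSEC_FORMAT:-text}"

# Prints the gosec argument list, one argument per line. Kept separate from
# the invocation so the configuration can be inspected without gosec present.
gosec_args() {
  printf '%s\n' \
    "-severity=${GOSEC_SEVERITY}" \
    "-confidence=${GOSEC_CONFIDENCE}" \
    "-fmt=${GOSEC_FORMAT}" \
    "-exclude-dir=vendor" \
    "./..."
}

# Runs gosec from the repo root ($1, default: current directory).
# Exit status: 0 no findings, non-zero findings reported, 2 gosec unavailable.
run_gosec() {
  root="${1:-.}"
  if ! command -v gosec >/dev/null 2>&1; then
    echo "gosec not found in PATH; install with: go install github.com/securego/gosec/v2/cmd/gosec@latest" >&2
    return 2
  fi
  # shellcheck disable=SC2046  # word-splitting of gosec_args is intended
  ( cd "${root}" && gosec $(gosec_args) )
}
```

Invoke `run_gosec "$(git rev-parse --show-toplevel)"` from CI; the non-zero exit on findings is what makes it usable as a gating check.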
/test e2e-aws-scaleup-rhel7-
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abhinavdahiya, JAORMX The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing
/test e2e-aws-scaleup-rhel7
/retest Please review the full test history for this PR and help us cut down flakes.
@JAORMX: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.