👨🏭 Git-Repo-Scanner Refactoring #358
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…to git-repo-scanner-refactoring
- fixed tests - CLI execution in docker and tests in pipeline needs to be fixed
rseedorff
changed the title
twwd
reviewed
Apr 9, 2021
|
Is this PR ready for review or still in Draft mode? Otherwise please switch from draft to ready :-) |
paulschmelzer
changed the title
paulschmelzer
changed the title
rseedorff
approved these changes
Apr 11, 2021
secureCodeBoxBot
added a commit
that referenced
this pull request
Nov 18, 2021
Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com> ## Release changes : ## Summary CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds support for `Job` resources - thank you @superbrothers for this contribution! CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds option to disable colour output when using `pretty` formatting (package only) CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Enabled Dependabot and updates dependencies ## Changelog b68cabd Update version to 0.15.0 (#372) 7f54326 Bump github.com/jetstack/cert-manager from 1.6.0 to 1.6.1 (#371) 9cdecb3 Bump k8s.io/apiextensions-apiserver from 0.22.2 to 0.22.3 (#368) 6cc7a75 Add support for kind Job (#370) 0ef3005 Bump github.com/jetstack/cert-manager from 1.5.4 to 1.6.0 (#365) e5c797a Bump k8s.io/apimachinery from 0.22.2 to 0.22.3 (#369) d597928 Bump k8s.io/apiextensions-apiserver from 0.21.3 to 0.22.2 (#362) 79cce8c Remove wip probot (#364) 700c39f Bump github.com/jetstack/cert-manager from 1.4.1 to 1.5.4 (#363) fe44171 Fix dependabot (#358) 374a428 Support parsing for server specs (#356) 50c618b Add Support for Services (#353) 7b57f85 Update dependencies and add dependabot (#354) 2d8282c Make k8s and override packages public (#351) 47c31d5 Add option to disable printing results in color (#350) ca64457 Remove deprecated mountds auditor (#349) 863e367 Remove example dependency on internal packages (#348) ## Docker images - `docker pull shopify/kubeaudit:latest` - `docker pull shopify/kubeaudit:0.15.0` - `docker pull shopify/kubeaudit:v0.15`
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
REFACTORING
This PR refactors #327
Description
Implements a new rate limit configuration
Implements #325
This PR if applied adds a new rate limit configuration to the git-repo-scanner to obey the GitHub and GitLeaks server rate limits. By default this setting is true.
Example
Works for GitHub and Gitlab:
--obey-rate-limit=Truethe scanner will hit the GitHub API every 60 seconds at max (3600s / 60 requests per hour = 60s seconds delay between two request).--obey-rate-limit=Truethe scanner will hit the GitHub API every 0,7 seconds at max (3600s / 5000 requests per hour = 0,7s seconds delay between two request).Implements a new git repository filter based on latest activity
Implements #320
Example
Works for GitHub and Gitlab:
--activity-since-duration: Return git repo findings with repo activity (e.g. commits) more recent than a specific date expresed by an duration (now + duration). A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as '1h' or '2h45m'. Valid time units are 'm', 'h', 'd', 'w'. --activity-until-duration: Return git repo findings with repo activity (e.g. commits) older than a specific date expresed by an duration (now + duration). A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as '1h' or '2h45m'. Valid time units are 'm', 'h', 'd', 'w'.Testing
If you want to test this PR please reference the following docker image:
docker pull securecodebox/scanner-git-repo-scanner:git-repo-scanner-refactoringExample HelmChart Install
You can use the following command to install and test this PR in your environment. For more general informations please check the scanner documentation : https://docs.securecodebox.io/docs/scanners/git-repo-scanner
Checklist
npm testruns for the whole project.