
Include original resolver name in migrated Secret Scanning alerts #1334

theztefan opened this issue Apr 25, 2025 · 0 comments

Description

When using gh gei migrate-secret-alerts to migrate alerts, the resolution comments from the source alert are also mapped over to the target alerts. This works fine but can be further improved to include the original resolver name in the comment. The reason for this is that gh gei migrate-secret-alerts is typically run in migrations with tokens generated by GitHub Apps, so the resolver in the target alert is a tool, and we are losing the useful information of who originally closed an alert.

Example

Source alert resolution comment:

Image

After migrating it with a workflow that uses a GitHub App to generate tokens, the target alert does not show @theztefan as the closer but rather ghas-control[bot].

Image

Proposed improvement

This result is expected and not a bug! The suggestion is to also transfer the resolver name as part of the comment in the target alert. So the result in the example above would be: ghas-control[bot] closed this with a comment @theztefan: Revoked today.
