Skip to content

Add pre-commit and trivy scan configs #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
asloobq merged 2 commits into from
Apr 8, 2024
Merged

Add pre-commit and trivy scan configs #33

asloobq merged 2 commits into from
Apr 8, 2024

Conversation

@asloobq
Copy link
Contributor

@asloobq asloobq commented Apr 5, 2024

Tested locally
Diff:

diff --git a/examples/sample_encryption.py b/examples/sample_encryption.py
index 6a6ec52..46e64d9 100644
--- a/examples/sample_encryption.py
+++ b/examples/sample_encryption.py
@@ -14,7 +14,7 @@ def _usage():

 if len(sys.argv) <= 5:
     _usage()
-
+dummy_key="UID2-A-T-abcdef.12345678901234567890123456789012345678"
 base_url = sys.argv[1]
 auth_key = sys.argv[2]
 secret_key = sys.argv[3]

Commit:

(venv) ➜  uid2-client-python git:(aaq-UID2-3163-enable-secret-scanning) ✗ git commit -m "Update trivy version"
trivyfs-docker...........................................................Failed
- hook id: trivyfs-docker
- exit code: 1

2024-04-05T17:47:36.570Z	INFO	Secret scanning is enabled
2024-04-05T17:47:36.572Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-04-05T17:47:36.572Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.50/docs/scanner/secret/#recommendation for faster secret detection
2024-04-05T17:47:36.574Z	INFO	Loading /src/trivy-secret.yaml for secret scanning...

examples/sample_encryption.py (secrets)
=======================================
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 1)

CRITICAL: uid2 (uid2-admin-key-test)
════════════════════════════════════════
UID2 - Admin Key - Test
────────────────────────────────────────
 examples/sample_encryption.py:17
────────────────────────────────────────
  15   if len(sys.argv) <= 5:
  16       _usage()
  17 [ dummy_key="UID2-A-T-*********************************************"
  18   base_url = sys.argv[1]
────────────────────────────────────────

(venv) ➜  uid2-client-python git:(aaq-UID2-3163-enable-secret-scanning) ✗

@asloobq asloobq marked this pull request as ready for review April 5, 2024 17:50
@asloobq asloobq merged commit bbc2ec9 into main Apr 8, 2024
@asloobq asloobq deleted the aaq-UID2-3163-enable-secret-scanning branch April 8, 2024 18:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@thomasm-ttd thomasm-ttd thomasm-ttd approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@asloobq @thomasm-ttd