Consolidate scanners #48

Merged
merged 22 commits into from
Oct 19, 2023

LilaKelland
Collaborator

  • Consolidated the scanners.
  • Changed dev environment to node 18 (may need to change this to alpine, and in the Dockerfile rather than json)

Removed:

  • service discovery
  • endpoint dispatcher
  • github octokit repo details (and the corresponding superfluous functions that format the response)

Now:

  • Moved to receive payload from webhook (github-clone-repo and github-octokit-check both subscribe to GitHubEvents) rather than endpoint-dispatcher
  • github-clone-repo still clones repo
  • github-checks-on-cloned-repo scans the cloned repo for files and directories (note: feeling like once we have more thorough scans for API and tests, we'll eliminate those here, i.e. dependabot.yaml)
  • github-octokit-checks calls to the octokit API to retrieve repo metadata details and information on security protocols implemented.
  • There are a couple of checks in github-octokit-checks that require the main branch (which can be pulled from githubrepodetails), so either that can be linked, or it can be published to a branch check (that this service is subscribed to as well) and be handled that way. Right now blanket passing main branch to all calls, but will need to update this in the future.

Still to do:

  • move tests over and create more for better coverage
  • save to db

LilaKelland and others added 22 commits October 16, 2023 14:25
…. Have github-checks-on-cloned-repo working, now need to refactor
… and move to alpine), moving to strategy pattern for octokit - still need to add a few more and extract the call to octokit function
…pp.js - will move to index tomorrow and format branch protection
… token does not have permission to access security information, removed app.js, cleaned up index.js
- production cluster will use mTLS on mesh for all nodes on cluster.
- simplifies local dev environment
@Collinbrown95 Collinbrown95 merged commit 66e7168 into main Oct 19, 2023
@Collinbrown95 Collinbrown95 deleted the consolidate-scanners branch October 25, 2023 21:05