Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Fix gosec warnings, disable pprof by default. Fixes #6594 #6596

Merged
merged 7 commits into from
Aug 25, 2021
Merged

fix: Fix gosec warnings, disable pprof by default. Fixes #6594 #6596

merged 7 commits into from
Aug 25, 2021

Conversation

alexec
Copy link
Contributor

@alexec alexec commented Aug 24, 2021

Fixes #6594

@alexec
fix: Fix gosec warnings. Fixes #6594
481dc2b 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec
ok
e67ae28 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec
ok
546305b 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec alexec marked this pull request as ready for review August 24, 2021 17:08
terrytangyuan
terrytangyuan approved these changes Aug 24, 2021
View reviewed changes
Copy link
Member

@terrytangyuan terrytangyuan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great!

@alexec
ok
48982dd 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@codecov
Copy link

codecov bot commented Aug 24, 2021
edited
Loading

Codecov Report

Merging #6596 (11690fe) into master (be07a8a) will increase coverage by 0.02%.
The diff coverage is 36.36%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #6596      +/-   ##
==========================================
+ Coverage   48.52%   48.54%   +0.02%     
==========================================
  Files         261      261              
  Lines       18954    18955       +1     
==========================================
+ Hits         9197     9202       +5     
+ Misses       8737     8733       -4     
  Partials     1020     1020
Impacted Files Coverage Δ
cmd/argo/commands/server.go 30.76% <0.00%> (-0.24%) ⬇️
util/util.go 26.47% <0.00%> (ø)
workflow/artifacts/git/git.go 45.79% <ø> (ø)
workflow/common/common.go 80.00% <ø> (ø)
workflow/executor/common/common.go 48.38% <0.00%> (ø)
workflow/executor/emissary/emissary.go 0.00% <0.00%> (ø)
workflow/util/util.go 46.26% <50.00%> (ø)
workflow/executor/executor.go 24.10% <66.66%> (ø)
pkg/apis/workflow/v1alpha1/item.go 77.35% <100.00%> (ø)
cmd/argo/commands/get.go 59.76% <0.00%> (+0.87%) ⬆️
... and 1 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update be07a8a...11690fe. Read the comment docs.

@alexec
ok
1c54d0b 
Signed-off-by: Alex Collins <alex_collins@intuit.com>
@alexec alexec enabled auto-merge (squash) August 24, 2021 22:31
@alexec
Copy link
Contributor Author

alexec commented Aug 25, 2021 

E2E Tests (test-cli, emissary, mysql)
failed 18 hours ago in 11m 42s

Failed.

@alexec
Copy link
Contributor Author

alexec commented Aug 25, 2021 

-- FAIL: TestCLISuite (355.25s)
    --- FAIL: TestCLISuite/TestArchive (9.40s)
        --- FAIL: TestCLISuite/TestArchive/List (0.06s)
   --- FAIL: TestCLISuite/TestLogProblems (19.85s)
   --- FAIL: TestCLISuite/TestRoot (5.27s)
        --- PASS: TestCLISuite/TestRoot/Submit (0.05s)
        --- FAIL: TestCLISuite/TestRoot/List (0.30s)
            --- PASS: TestCLISuite/TestRoot/List/DefaultOutput (0.08s)
            --- PASS: TestCLISuite/TestRoot/List/NameOutput (0.05s)
            --- PASS: TestCLISuite/TestRoot/List/WideOutput (0.06s)
            --- FAIL: TestCLISuite/TestRoot/List/JSONOutput (0.06s)
            --- FAIL: TestCLISuite/TestRoot/List/YAMLOutput (0.05s)
    --- FAIL: TestCLISuite/TestVersion (0.17s)
        --- PASS: TestCLISuite/TestVersion/NoError (0.04s)
        --- FAIL: TestCLISuite/TestVersion/Default (0.04s)
        --- FAIL: TestCLISuite/TestVersion/Short (0.04s)

        	Error:      	"time=\"2021-08-25T16:51:18Z\" level=info msg=\"not enabling pprof debug endpoints\"" does not contain "NAMESPACE"

@alexec alexec merged commit 8678f00 into master Aug 25, 2021
@alexec alexec deleted the fix-6594 branch August 25, 2021 21:15
@sarabala1979 sarabala1979 mentioned this pull request Sep 2, 2021
Closed
61 tasks
@sarabala1979 sarabala1979 mentioned this pull request Sep 9, 2021
Closed
68 tasks
JPZ13 pushed a commit to JPZ13/argo-workflows that referenced this pull request Sep 26, 2021
@alexec @JPZ13
feat: Multi-cloud/cluster/namespace workflows. Fixes argoproj#6089, a…
0c78f19 
…rgoproj#3523, argoproj#2063

Signed-off-by: Alex Collins <alex_collins@intuit.com>

mre

Signed-off-by: Alex Collins <alex_collins@intuit.com>

bits

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix(executor): Disambiguate PNS executor initialization log (argoproj#6582)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>

ci: Disable builds on forks (argoproj#6589)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>

fix!: Enable authentication by default on Argo Server `/metrics` endpoint. Fixes argoproj#6592 (argoproj#6595)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

chore: Upgrade cobra to v1.2.1  (argoproj#6597)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

docs: Document auth rate limiting. Fixes argoproj#5217

docs: Document IP address logging. Fixes argoproj#5216

fix: Fix `gosec` warnings, disable pprof by default. Fixes argoproj#6594 (argoproj#6596)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix tests

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix/skip tests

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

o

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

docs: Fix template-defaults duplicated in docs and add missing whitespace in h1 (argoproj#6601)

Signed-off-by: Michael Pöllath <mpoellath.dev@gmail.com>

docs: fix continue on failure dag example (argoproj#6609)

Signed-off-by: Siebren Zwerver <siebren@siebjee.nl>

fix: manifests/quick-start/sso for running locally PROFILE=sso (argoproj#6503)

Signed-off-by: Tetsuya Shiota <tetsuya.shiota.1231@gmail.com>

chore: Run `make codegen`

Signed-off-by: Alex Collins <alex_collins@intuit.com>

build: disable UI by default for `make start`

docs: Document argoproj#6297 breaking change (argoproj#6616)

docs: Remove sym-links from docs (argoproj#6617)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

upgrade to v0.0.9

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix test

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix tests

Signed-off-by: Alex Collins <alex_collins@intuit.com>

add missing label selector

Signed-off-by: Alex Collins <alex_collins@intuit.com>

add transport wrappers

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix clean-up keys

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix: quay.io stuffs

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix: support in-cluster correctly

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

fix(controller): Initialize throttler during starting workflow-controller. Fixes: argoproj#6599 (argoproj#6608)

Signed-off-by: smile-luobin <smile.luobin@gmail.com>

 docs: Add slack exit handler example. Resolves argoproj#4152  (argoproj#6612)

Signed-off-by: J.P. Zivalich <j.p.zivalich@gmail.com>

fix: Argo Workflow specs link to not go to raw content (argoproj#6624)

Signed-off-by: Andrey Melnikov <vafilor@gmail.com>

ci: Build Docker manifest with complete dep list (argoproj#6621)

Signed-off-by: Curtis Vogt <curtis.vogt@gmail.com>

fix: Upgrade Dataflow to v0.0.96 (argoproj#6622)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

ok

Signed-off-by: Alex Collins <alex_collins@intuit.com>

docs: Fix incorrect link to examples (argoproj#6630)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>

fix: Fixed typo in clusterrole (argoproj#6626)

Signed-off-by: Saravanan Balasubramanian <sarabala1979@gmail.com>

build: Fix repository prefix (argoproj#6636)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

feat: Upgrade dataflow to v0.0.98 (argoproj#6637)

Signed-off-by: Alex Collins <alex_collins@intuit.com>

docs: correct https://bit.ly/book-30m-with-argo-team URL

feat(controller): Add a shared index informer for ConfigMaps (argoproj#6644)

Signed-off-by: Yuan Tang <terrytangyuan@gmail.com>

Fix duplicated import

Signed-off-by: J.P. Zivalich <j.p.zivalich@gmail.com>
@agilgur5 agilgur5 added the type/security Security related label Feb 8, 2024
This was referenced Feb 10, 2024
Open
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@terrytangyuan terrytangyuan terrytangyuan approved these changes

@sarabala1979 sarabala1979 sarabala1979 approved these changes

@whynowy whynowy Awaiting requested review from whynowy

Assignees
No one assigned
Labels
type/security Security related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

gosec warnings
4 participants
@alexec @terrytangyuan @sarabala1979 @agilgur5