Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updating scoop #231

Closed
wants to merge 11 commits into from
Closed

Updating scoop #231

wants to merge 11 commits into from

Conversation

YashasviDevtron
Copy link
Contributor

No description provided.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jul 2, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
C Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@gitguardian GitGuardian
Copy link

gitguardian bot commented Aug 14, 2024
edited
Loading

⚠️ GitGuardian has uncovered 4 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
4540226 Triggered Generic Password 47a1722 charts/security/values.yaml View secret
10027064 Triggered Generic Password 47a1722 charts/devtron-essentials/values.yaml View secret
10220829 Triggered Generic High Entropy Secret 47a1722 charts/devtron/values.yaml View secret
10220829 Triggered Generic High Entropy Secret 47a1722 charts/devtron/devtron-bom.yaml View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

github-advanced-security[bot]
github-advanced-security bot found potential problems Aug 14, 2024
View reviewed changes
charts/scoop/templates/clusterrole.yaml
- apiGroups:
- '*'
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions Medium

Do not use wildcards when defining RBAC permissions. See more on SonarCloud
charts/scoop/templates/clusterrole.yaml
- apiGroups:
- extensions
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions Medium

Do not use wildcards when defining RBAC permissions. See more on SonarCloud
charts/scoop/templates/clusterrole.yaml
- apiGroups:
- apps
resources:
- '*'

Check warning

Code scanning / SonarCloud

Wildcards should not be used to define RBAC permissions Medium

Do not use wildcards when defining RBAC permissions. See more on SonarCloud
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Aug 14, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
C Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@YashasviDevtron