  1. Machine Config Operator
  2. MCO-999

Enable blocking SAST scans in OpenShift CI



    Description

      As an OpenShift developer, I want to know that my code is as secure as possible by running static analysis on each PR. Additionally, I want this to gate my ability to merge a PR.

       

      Most of the background and reason for this is in https://issues.redhat.com/browse/MCO-998; this card primarily concerns itself with switching this configuration from non-gating to gating.

       

      Done When:

      • The configuration in the openshift/release repository is switched from non-gating to gating by setting optional: true.
      • Any deficiencies identified by the scans are remediated and/or overridden by a .snyk file placed in the MCO repository root. See https://docs.ci.openshift.org/docs/how-tos/add-security-scanning/ for additional info about the .snyk file.

            People

              Unassigned
              zzlotnik@redhat.com Zack Zlotnik