OpenShift SDN / SDN-4462

Fix the security issues for cloud-network-config-controller repo on master branch


    • Type: Story
    • Resolution: Unresolved
    • Priority: Undefined
    • Component: OVN Kubernetes

      Sample CI run for the security scan:

      https://storage.googleapis.com/test-platform-results/pr-logs/pull/openshift_cloud-network-config-controller/130/pull-ci-openshift-cloud-network-config-controller-master-security/1752981229336006656/build-log.txt

      Repo:

      https://github.com/openshift/cloud-network-config-controller/tree/master/

      Short term solution

      Create a .snyk file and add Snyk exclude rules for every affected file to suppress the security warnings. An exclude rule hides every finding in that file, including new ones, so this is only a stopgap until each warning has been triaged.

      Possible long term solution

      1. Analyze each security warning and decide whether it can be ignored, should be fixed in this repo, or needs to be reported to the upstream community.
         If it involves the upstream community, follow steps 2 to 5.
      2. Bump the dependent library and check whether the security warning goes away.
      3. If the problem still exists, check whether the vulnerability has already been reported to Snyk; otherwise report it at
         https://snyk.io/vulnerability-disclosure/
         (they help verify the vulnerability and contact the maintainer).
      4. Replace the exclude rule with an ignore rule (using the Snyk vulnerability ID from step 3) to suppress the same security warning, scoped to that one issue rather than the whole file.
      5. When a fix is available, remove the corresponding Snyk rule.
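      The two forms of suppression described above (the short-term per-file exclude and the long-term per-vulnerability ignore) in one .snyk policy file. This is an added example, not the file from the cloud-network-config-controller repo; the file paths, the vulnerability ID and the dates are placeholders.

```yaml
# .snyk policy file: added example, not the repo's own file.
# Paths, the SNYK-* ID, the reason text and the dates are placeholders.
version: v1.25.0

# Short-term form: exclude whole files from the scan.
# Every finding in these files is hidden, including new ones, so keep this
# list short and treat it as temporary. "global" applies to every Snyk
# scan type; "code" applies to Snyk Code (SAST) only.
exclude:
  global:
    - vendor/**                     # hypothetical: vendored upstream code
  code:
    - pkg/cloudprovider/example.go  # hypothetical path taken from the scan log

# Long-term form: ignore one vulnerability by its Snyk ID, with a reason and
# an expiry date so the suppression is revisited rather than forgotten.
# Delete the entry once the fixed dependency version is picked up.
ignore:
  SNYK-GOLANG-EXAMPLE-0000000:      # placeholder: use the ID from the Snyk report
    - '*':
        reason: Not reachable from this controller; reported upstream, awaiting fix
        expires: 2024-06-30T00:00:00.000Z
        created: 2024-02-01T00:00:00.000Z
```

      The ignore entry can also be written by the CLI with `snyk ignore --id=<SNYK-ID> --reason='<text>' --expiry=<YYYY-MM-DD>`, which appends the same structure to .snyk. Set an expiry on every ignore: an entry without one silently outlives the upstream fix it was waiting for.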

            Assignee: Periyasamy Palanichamy (pepalani@redhat.com)
            Reporter: Periyasamy Palanichamy (pepalani@redhat.com)