Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CredScan] Suppress warnings for "username" string #23358

Merged
merged 1 commit into from
Mar 7, 2022
Merged

[CredScan] Suppress warnings for "username" string #23358

merged 1 commit into from
Mar 7, 2022

Conversation

mccoyp
Copy link
Member

@mccoyp mccoyp commented Mar 5, 2022

Description

The remaining active CredScan warnings -- coming from azure-mgmt-containerregistry and azure-mgmt-containerservice -- all seem to come from the presence of the string "username" in generated code. This is a little surprising, considering the string appears in... a lot of places, but CredScan knows more than me about why it's particularly suspicious in these files.

All SDK Contribution checklist:

  • The pull request does not introduce [breaking changes]
  • CHANGELOG is updated for new features, bug fixes or other significant changes.
  • I have read the contribution guidelines.

General Guidelines and Best Practices

  • Title of the pull request is clear and informative.
  • There are a small number of commits, each of which have an informative message. This means that previously merged commits do not appear in the history of the PR. For more information on cleaning up the commits in your PR, see this page.

Testing Guidelines

  • N/A Pull request includes test coverage for the included changes.
    • Verifying a clean CredScan run for each affected package by running their respective CI pipelines.

@mccoyp mccoyp added the EngSys This issue is impacting the engineering system. label Mar 5, 2022
@mccoyp
Copy link
Member Author

mccoyp commented Mar 5, 2022

/azp run python - containerregistry - ci

@azure-pipelines
Copy link

Azure Pipelines could not run because the pipeline triggers exclude this branch/path.

@mccoyp
Copy link
Member Author

mccoyp commented Mar 5, 2022

Pipeline run for azure-mgmt-containerregistry: https://dev.azure.com/azure-sdk/public/_build/results?buildId=1411201&view=results

Pipeline run for azure-mgmt-containerservice: https://dev.azure.com/azure-sdk/public/_build/results?buildId=1411257&view=results

@mccoyp mccoyp marked this pull request as ready for review March 5, 2022 02:23
@mccoyp mccoyp merged commit ccf4230 into Azure:main Mar 7, 2022
@mccoyp mccoyp deleted the mgmt-credscan branch March 7, 2022 18:18
iscai-msft added a commit to iscai-msft/azure-sdk-for-python that referenced this pull request Mar 9, 2022
@iscai-msft
Merge branch 'main' of https://github.com/Azure/azure-sdk-for-python
7b98b1d 
…into new_metrics_advisor

* 'main' of https://github.com/Azure/azure-sdk-for-python: (28 commits)
  [Storage] Fix duplicate type signatures in async (Azure#23375)
  Adds Env Var that overrides x-ms-useragent, to correct test pipeline (Azure#23310)
  [Key Vault] Arch board feedback and language alignment (Azure#23286)
  include txt sample files in package (Azure#23409)
  [KeyVault Admin] Add one perfstress test (Azure#23303)
  Increment version for search releases (Azure#23405)
  fix version on readme (Azure#23408)
  Increment version for identity releases (Azure#23407)
  [formrecognizer] Fix cspell issues (Azure#23313)
  Increment package version after release of azure-synapse-artifacts (Azure#23393)
  [pylint] dev_requirements.txt for pylint (Azure#23387)
  [Sql] Update sql tests (Azure#23398)
  code and test (Azure#23397)
  [Sql] Migrate sql tests to test proxy (Azure#23388)
  Update swagger to latest version (Azure#23377)
  Sync eng/common directory with azure-sdk-tools for PR 2875 (Azure#23379)
  [formrecognizer] Improve live pipeline tests (Azure#23239)
  update min version of azure-mgmt-core in shared reqs (Azure#23374)
  [CredScan] Suppress warnings for "username" string (Azure#23358)
  [synapse] regenerate `azure-synapse-artifacts` with tag `package-artifacts-composite-v3` (Azure#23295)
  ...
rakshith91 pushed a commit to rakshith91/azure-sdk-for-python that referenced this pull request Apr 7, 2022
@mccoyp @rakshith91
[CredScan] Suppress warnings for "username" string (Azure#23358)
162bcd0
rakshith91 pushed a commit to rakshith91/azure-sdk-for-python that referenced this pull request Apr 10, 2022
@mccoyp @rakshith91
[CredScan] Suppress warnings for "username" string (Azure#23358)
1271636
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sima-zhu sima-zhu sima-zhu approved these changes

@scbedd scbedd Awaiting requested review from scbedd scbedd is a code owner

@weshaggard weshaggard Awaiting requested review from weshaggard weshaggard is a code owner

@benbp benbp Awaiting requested review from benbp benbp is a code owner

Assignees
No one assigned
Labels
EngSys This issue is impacting the engineering system.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mccoyp @sima-zhu