Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(parser): terraform parser now looks into .tfvars for passwords and secrets #4291

Merged
merged 3 commits into from
Sep 28, 2021
Merged

fix(parser): terraform parser now looks into .tfvars for passwords and secrets #4291

merged 3 commits into from
Sep 28, 2021

Conversation

joaoReigota1
Copy link
Collaborator

Signed-off-by: João Reigota [email protected]

Closes #3581

Proposed Changes

  • terraform parser now looks into .tfvars for passwords and secrets
  • new regex to look for generic access keys

I submit this contribution under the Apache-2.0 license.

@joaoReigota1 joaoReigota1 added bug Something isn't working query New query feature labels Sep 27, 2021
@joaoReigota1 joaoReigota1 requested a review from a team September 27, 2021 13:48
@joaoReigota1 joaoReigota1 self-assigned this Sep 27, 2021
@kicsbot
Copy link
Contributor

kicsbot commented Sep 27, 2021

Scan submitted to Checkmarx

@kicsbot
Copy link
Contributor

kicsbot commented Sep 27, 2021

Logo
Checkmarx SAST - Scan Summary & Details

Cx-SAST Summary

Total of 4 vulnerabilities
High 0 High
Medium 0 Medium
Low 4 Low
Info 0 Info

Violation Summary

No policy violation found

@joaoReigota1
fix(parser): terraform parser now looks into .tfvars for passwords an…
e348eb0 
…d secrets

Signed-off-by: João Reigota <[email protected]>

Closes: #3581

- terraform parser now looks into .tfvars for passwords and secrets
- added regex to look for generic access keys
@joaoReigota1 joaoReigota1 force-pushed the fix_tf_vars_files_not_detected branch from 05e0854 to e348eb0 Compare September 27, 2021 14:25
felipe-avelar
felipe-avelar previously approved these changes Sep 27, 2021
View reviewed changes
Copy link
Contributor

@felipe-avelar felipe-avelar left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

rogeriopeixotocx
rogeriopeixotocx suggested changes Sep 28, 2021
View reviewed changes
docs/secrets.md Outdated Show resolved Hide resolved
@rogeriopeixotocx rogeriopeixotocx merged commit aec0074 into master Sep 28, 2021
@rogeriopeixotocx rogeriopeixotocx deleted the fix_tf_vars_files_not_detected branch September 28, 2021 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rogeriopeixotocx rogeriopeixotocx rogeriopeixotocx approved these changes

@felipe-avelar felipe-avelar felipe-avelar left review comments

Assignees

@joaoReigota1 joaoReigota1

Labels
bug Something isn't working query New query feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

FN - Hard-coded creds in Terraform are not detected
4 participants
@joaoReigota1 @kicsbot @rogeriopeixotocx @felipe-avelar