Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SONARIAC-1856 Modify S7019: add EXEC alternatives and exceptions #4597

Merged
merged 9 commits into from
Jan 8, 2025
Merged

SONARIAC-1856 Modify S7019: add EXEC alternatives and exceptions #4597

merged 9 commits into from
Jan 8, 2025

Conversation

rudy-regazzoni-sonarsource
Copy link
Contributor

No description provided.

@rudy-regazzoni-sonarsource rudy-regazzoni-sonarsource changed the title SONARIAC-1856 Update S7019 content SONARIAC-1856 Modify S7019: add EXEC alternatives and exceptions Jan 7, 2025
jonas-wielage-sonarsource
jonas-wielage-sonarsource approved these changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@jonas-wielage-sonarsource jonas-wielage-sonarsource left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please have a look at my suggestions before merging.

rules/S7019/docker/rule.adoc Outdated Show resolved Hide resolved
rules/S7019/docker/rule.adoc Outdated Show resolved Hide resolved
rules/S7019/docker/rule.adoc Outdated Show resolved Hide resolved
rules/S7019/docker/rule.adoc Outdated
Comment on lines 34 to 49
[source,docker,diff-id=2,diff-type=noncompliant]
----
FROM scratch
ENTRYPOINT echo "Long script with chaining commands" \
&& echo "Welcome!" \
&& echo "Goodbye"
----

[source,docker,diff-id=3,diff-type=noncompliant]
----
FROM scratch
ENTRYPOINT echo "Long script with chaining commands" \
&& echo "Welcome!" \
&& echo "Goodbye"
----

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would remove the diff-id=3 noncompliant example.
Keep only the compliant one with the wrapper script, but add the relation to a non compliant one.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah very good point! I didn't know we could link multiple compliant examples to a single non-compliant one. Way better!

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not what I meant, sorry for the confusion.
I meant that diff-id and diff-type will be removed from the wrapper file solution.
Unfortunately we can only use one diff-id per unique example, so I we need to adress this in a follow up PR 😅

@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Jan 8, 2025

Quality Gate passed Quality Gate passed for 'rspec-tools'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Jan 8, 2025

Quality Gate passed Quality Gate passed for 'rspec-frontend'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@rudy-regazzoni-sonarsource rudy-regazzoni-sonarsource merged commit 444c238 into master Jan 8, 2025
9 of 10 checks passed
@rudy-regazzoni-sonarsource rudy-regazzoni-sonarsource deleted the SONARIAC-1856 branch January 8, 2025 14:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jonas-wielage-sonarsource jonas-wielage-sonarsource jonas-wielage-sonarsource approved these changes

Assignees
No one assigned
Labels
iac
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rudy-regazzoni-sonarsource @jonas-wielage-sonarsource