Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix GO security check issue #124

Closed
wants to merge 1 commit into from
Closed

Fix GO security check issue #124

wants to merge 1 commit into from

Conversation

baoy1
Copy link
Contributor

@baoy1 baoy1 commented Oct 14, 2022

Description

Fix the alert "Use of net/http serve function that has no support for setting timeouts"
Replace http.ListenAndServeTLS with server.Serve.

GitHub Issues

List the GitHub issues impacted by this PR:

GitHub Issue #
N/A

Checklist:

  • I have performed a self-review of my own code to ensure there are no formatting, vetting, linting, or security issues
  • I have verified that new and existing unit tests pass locally with my changes
  • I have not allowed coverage numbers to degenerate
  • I have maintained at least 90% code coverage
  • I have inspected the Grafana dashboards to verify the data is displayed properly
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my fix is effective or that my feature works
  • I have maintained backward compatibility

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

  • make check test
karavi-topology git:(back/bugfix-go-security-check) ✗ make check test
./scripts/check.sh ./cmd/... ./internal/...
=== Checking format...
=== Finished
=== Vetting...
=== Finished
=== Linting...
=== Finished
=== Running gosec...
=== Finished
go test -count=1 -cover -race -timeout 30s -short ./...
?       github.com/dell/karavi-topology/cmd/topology    [no test files]
ok      github.com/dell/karavi-topology/internal/entrypoint     0.031s  coverage: 100.0% of statements
?       github.com/dell/karavi-topology/internal/entrypoint/mocks       [no test files]
ok      github.com/dell/karavi-topology/internal/k8s    0.069s  coverage: 94.1% of statements
?       github.com/dell/karavi-topology/internal/k8s/mocks      [no test files]
ok      github.com/dell/karavi-topology/internal/service        0.088s  coverage: 93.1% of statements
?       github.com/dell/karavi-topology/internal/service/mocks  [no test files]
?       github.com/dell/karavi-topology/internal/tracers        [no test files]
  • GUI check
    image

Manual inspection of the GUI

I have verified that the dashboards show the data properly while generating I/O and storage resources

  • Yes
  • No

Fix the alert "Use of net/http serve function that has no
support for setting timeouts"

Replace `http.ListenAndServeTLS` with `server.Serve`.
@baoy1
Copy link
Contributor Author

baoy1 commented Oct 14, 2022

run e2e test

@baoy1
Copy link
Contributor Author

baoy1 commented Oct 14, 2022

Close. Commit was moved to PR #123 .

@baoy1 baoy1 closed this Oct 14, 2022
@baoy1 baoy1 deleted the bugfix-go-security-check branch October 18, 2022 05:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant