Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create snyk-scan.yml #397

Merged
merged 3 commits into from
May 10, 2022
Merged

Create snyk-scan.yml #397

merged 3 commits into from
May 10, 2022

Conversation

jlind23
Copy link
Contributor

@jlind23 jlind23 commented May 2, 2022
edited
Loading

Snyk github action will perform the tests and then results will be pushed to the Github security tab: https://github.com/elastic/elastic-agent/security

@elasticmachine
Copy link
Contributor

elasticmachine commented May 2, 2022
edited
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-05-02T14:28:41.395+0000

  • Duration: 17 min 58 sec

Test stats 🧪

Test Results
Failed 0
Passed 3849
Skipped 21
Total 3870

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages.

  • run integration tests : Run the Elastic Agent Integration tests.

  • run end-to-end tests : Generate the packages and run the E2E Tests.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@elasticmachine
Copy link
Contributor

elasticmachine commented May 2, 2022
edited
Loading

🌐 Coverage report

Name Metrics % (covered/total) Diff
Packages 95.652% (66/69) 👍
Files 69.524% (146/210) 👍
Classes 69.194% (292/422) 👍
Methods 52.493% (800/1524) 👍
Lines 38.726% (8596/22197) 👍 0.009
Conditionals 100.0% (0/0) 💚

@mergify mergify bot assigned jlind23 May 2, 2022
@mergify
Copy link
Contributor

mergify bot commented May 2, 2022

This pull request does not have a backport label. Could you fix it @jlind23? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v./d./d./d is the label to automatically backport to the 8./d branch. /d is the digit

NOTE: backport-skip has been added to this pull request.

@mergify mergify bot added the backport-skip label May 2, 2022
@jlind23 jlind23 marked this pull request as ready for review May 2, 2022 14:34
@jlind23 jlind23 requested a review from a team as a code owner May 2, 2022 14:34
@jlind23 jlind23 requested review from ph, aleksmaus and a team and removed request for a team May 2, 2022 14:34
ph
ph reviewed May 3, 2022
View reviewed changes
Copy link
Contributor

@ph ph left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jlind23 This looks to work for me.

Testing /github/workspace...

Organization:      beats
Package manager:   gomodules
Target file:       go.mod
Project name:      github.com/elastic/elastic-agent
Open source:       no
Project path:      /github/workspace
Licenses:          enabled

✔ Tested 556 dependencies for known issues, no vulnerable paths found.

@ph
Copy link
Contributor

ph commented May 3, 2022

@jlind23 We really need a better way to keep these things in sync for multiple repositories.

@jlind23
Copy link
Contributor Author

jlind23 commented May 4, 2022

@ph agree. @levinebw what would be the best way to setup snyk on multiple repositories without having to update the config in each one individually?

@ph
Copy link
Contributor

ph commented May 5, 2022

@jlind23 I think robots might have existing tooling to do just that.

@levinebw
Copy link

levinebw commented May 5, 2022

Snyk github action will perform the tests and then results will be pushed to the Github security tab: https://github.com/elastic/elastic-agent/security

@jlind23 are you sure we are at a stage to push the Snky scan results to a public tab?

@levinebw what would be the best way to setup snyk on multiple repositories without having to update the config in each one individually?

I don't know... @jkakavas @thomheymann @jportner may have some thoughts; and/or you can raise a question to [email protected]

@jlind23
Copy link
Contributor Author

jlind23 commented May 6, 2022

@levinebw AFAIK code scanning alert is not publicly available, am i wrong?

@levinebw
Copy link

levinebw commented May 6, 2022

@levinebw AFAIK code scanning alert is not publicly available, am i wrong?

I see some content under the public security tab about the job, https://github.com/elastic/elastic-agent/runs/6258878535?check_suite_focus=true, I suppose you are right, the results are not getting pushed publicly

@jlind23 jlind23 merged commit ce2c92b into main May 10, 2022
v1v added a commit to v1v/elastic-agent that referenced this pull request May 18, 2022
@v1v
Merge branch 'main' of github.com:elastic/elastic-agent into feature/…
df58c6c 
…use-orka

* 'main' of github.com:elastic/elastic-agent: (23 commits)
  [Automation] Update go release version to 1.17.10 (elastic#432)
  [Automation] Update elastic stack version to 8.3.0-4149272f for testing (elastic#435)
  [Automation] Update elastic stack version to 8.3.0-19aba912 for testing (elastic#430)
  Add extra k8s resources in clusterRole (elastic#424)
  [Automation] Update elastic stack version to 8.3.0-8ee1196f for testing (elastic#422)
  [Automation] Update elastic stack version to 8.3.0-53513548 for testing (elastic#421)
  Add tags option during enroll/install (elastic#336)
  validate kubernetes templates in .CI (elastic#417)
  add missing kube-api resources from managed agent manifest (elastic#381)
  Create snyk-scan.yml (elastic#397)
  [Automation] Update elastic stack version to 8.3.0-d380914f for testing (elastic#414)
  [Automation] Update elastic stack version to 8.3.0-5c1ff35f for testing (elastic#413)
  [Automation] Update elastic stack version to 8.3.0-6ba9f710 for testing (elastic#410)
  [Automation] Update elastic stack version to 8.3.0-a1c5cfff for testing (elastic#406)
  [Automation] Update elastic stack version to 8.3.0-7f585873 for testing (elastic#401)
  [Automation] Update elastic stack version to 8.3.0-0b6ea9f2 for testing (elastic#399)
  ci: enable coverage (elastic#377)
  Remove last dependencies on beats repo (elastic#387)
  Remove dependency on libbeat (elastic#344)
  [Automation] Update elastic stack version to 8.3.0-cb2ce38c for testing (elastic#383)
  ...
@jlind23 jlind23 deleted the jlind23/Snyk-setup branch May 4, 2023 15:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ph ph ph approved these changes

@aleksmaus aleksmaus Awaiting requested review from aleksmaus aleksmaus was automatically assigned from elastic/elastic-agent-control-plane

Assignees

@jlind23 jlind23

Labels
backport-skip
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jlind23 @elasticmachine @ph @levinebw