Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Refrence chart 4.19 added #4939

Open
wants to merge 73 commits into
base: main
Choose a base branch
from
Open

feat: Refrence chart 4.19 added #4939

wants to merge 73 commits into from

Conversation

kamal-devtron
Copy link
Contributor

@kamal-devtron kamal-devtron commented Apr 15, 2024
edited by rupinSec
Loading

Description

Fixes #

Checklist:

  • The title of the PR states what changed and the related issues number (used for the release note).
  • Does this PR requires documentation updates?
  • I've updated documentation as required by this PR.
  • I have performed a self-review of my own code.
  • I have commented my code, particularly in hard-to-understand areas.
  • I have tested it for all user roles.
  • I have added all the required unit/api test cases.

Does this PR introduce a user-facing change?

@gitguardian GitGuardian
Copy link

gitguardian bot commented Apr 15, 2024
edited
Loading

⚠️ GitGuardian has uncovered 12 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
10220829 Triggered Generic High Entropy Secret 4753231 devtron-images.txt.source View secret
10220829 Triggered Generic High Entropy Secret 279da7f charts/devtron/values.yaml View secret
10220829 Triggered Generic High Entropy Secret 279da7f charts/devtron/devtron-bom.yaml View secret
9257608 Triggered Base64 AWS keys 78febd9 scripts/devtron-reference-helm-charts/deployment-chart_4-20-0/test-values.json View secret
2763127 Triggered Generic High Entropy Secret 024d62a scripts/devtron-reference-helm-charts/reference-chart_4-19-0/secrets-test-values.yaml View secret
2763127 Triggered Generic High Entropy Secret b5ef536 scripts/devtron-reference-helm-charts/reference-chart_4-19-0/secrets-test-values.yaml View secret
2763127 Triggered Generic High Entropy Secret 78febd9 scripts/devtron-reference-helm-charts/deployment-chart_4-20-0/secrets-test-values.yaml View secret
2763127 Triggered Generic High Entropy Secret 14d998f scripts/devtron-reference-helm-charts/reference-chart_4-19-0/secrets-test-values.yaml View secret
141558 Triggered Generic High Entropy Secret 78febd9 scripts/devtron-reference-helm-charts/deployment-chart_4-20-0/env-values.yaml View secret
141558 Triggered Generic High Entropy Secret b5ef536 scripts/devtron-reference-helm-charts/reference-chart_4-19-0/env-values.yaml View secret
141558 Triggered Generic High Entropy Secret 14d998f scripts/devtron-reference-helm-charts/reference-chart_4-19-0/env-values.yaml View secret
141558 Triggered Generic High Entropy Secret 024d62a scripts/devtron-reference-helm-charts/reference-chart_4-19-0/env-values.yaml View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Apr 15, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jun 12, 2024

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Aug 8, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
C Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 18, 2024
View reviewed changes
scripts/devtron-reference-helm-charts/deployment-chart_4-20-0/templates/deployment.yaml
{{- if $.Values.topologySpreadConstraint }}
topologySpreadConstraints:
{{ toYaml .Values.topologySpreadConstraint }}
{{- end }}

Check warning

Code scanning / SonarCloud

Service account permissions should be restricted Medium

Bind this Service Account to RBAC or disable "automountServiceAccountToken". See more on SonarCloud
@rupinSec
Copy link
Contributor

rupinSec commented Oct 3, 2024

updated changes related to envoy readiness, liveness and external secret are reviewed and tested.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 3, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
1 Security Hotspot
E Reliability Rating on New Code (required ≥ A)
C Security Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rupinSec rupinSec rupinSec left review comments

@prakarsh-dt prakarsh-dt Awaiting requested review from prakarsh-dt prakarsh-dt is a code owner

@vikramdevtron vikramdevtron Awaiting requested review from vikramdevtron vikramdevtron is a code owner

@kripanshdevtron kripanshdevtron Awaiting requested review from kripanshdevtron

@nishant-d nishant-d Awaiting requested review from nishant-d nishant-d is a code owner

@pawan-mehta-dt pawan-mehta-dt Awaiting requested review from pawan-mehta-dt pawan-mehta-dt is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kamal-devtron @rupinSec