Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Checking multiarchitecture of images #5232

Merged
merged 16 commits into from
Jul 10, 2024
Merged

feat: Checking multiarchitecture of images #5232

merged 16 commits into from
Jul 10, 2024

Conversation

YashasviDevtron
Copy link
Contributor

@YashasviDevtron YashasviDevtron commented Jun 4, 2024
edited
Loading

fixes #5315
Github action to Check multiarchitecture of images

@gitguardian GitGuardian
Copy link

gitguardian bot commented Jun 13, 2024
edited
Loading

⚠️ GitGuardian has uncovered 5 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

Since your pull request originates from a forked repository, GitGuardian is not able to associate the secrets uncovered with secret incidents on your GitGuardian dashboard.
Skipping this check run and merging your pull request will create secret incidents on your GitGuardian dashboard.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
1040826 Triggered Generic Password 31fc15e manifests/installation-script View secret
10220829 Triggered Generic High Entropy Secret 31fc15e charts/devtron/devtron-bom.yaml View secret
10220829 Triggered Generic High Entropy Secret 31fc15e charts/devtron/values.yaml View secret
2763127 Triggered Generic High Entropy Secret a1af900 scripts/devtron-reference-helm-charts/statefulset-chart_5-1-0/secrets-test-values.yaml View secret
141558 Triggered Generic High Entropy Secret a1af900 scripts/devtron-reference-helm-charts/statefulset-chart_5-1-0/env-values.yaml View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Jun 15, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.3% Duplication on New Code

See analysis details on SonarCloud

@prakarsh-dt prakarsh-dt merged commit 1d92b1b into devtron-labs:main Jul 10, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pawan-mehta-dt pawan-mehta-dt pawan-mehta-dt left review comments

@prakarsh-dt prakarsh-dt prakarsh-dt approved these changes

@nishant-d nishant-d Awaiting requested review from nishant-d nishant-d is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Feature: check all the images pushed in release-bot should be multiarch
3 participants
@YashasviDevtron @prakarsh-dt @pawan-mehta-dt