-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secret Scanning Alerts migration - update to new location types #1306
base: main
Are you sure you want to change the base?
Secret Scanning Alerts migration - update to new location types #1306
Conversation
Unit Test Results865 tests 865 ✅ 20s ⏱️ Results for commit eced510. ♻️ This comment has been updated with latest results. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While I am not super familiar with secret scanning, the code changes looks good my main concern is there is a bit of a logic changes do we have enough unit test coverage?
Co-authored-by: Arin Ghazarian <[email protected]>
Co-authored-by: Arin Ghazarian <[email protected]>
Thanks for reviewing and for your suggestions @ArinGhazarian! I've addressed the points made and and included another four tests to cover few more cases for the matching algorithms and couple of 'edge' cases for repos with no secret scanning alerts. |
PR implements #1305
ThirdPartyNotices.txt
(if applicable)Summary of code changes
src/Octoshift/Models/GithubSecretScanningAlert.cs
GithubSecretScanningAlert
to include resolution commentGithubSecretScanningAlertLocation
to include types of location and related infosrc/Octoshift/Services/GithubApi.cs
to work with new model definitionresolution_comment
when updating alertsrc/Octoshift/Services/SecretScanningAlertService.cs
in regards to matching the locations of alerts criteria to include the new location types; and the algorithm for matching alerts between source and target repositories.Instead of iterating thru all alerts in a list to match an alert from source and target we now use dictionary for the lookup. We use this lookup to match all locations on all alerts; The criteria for matching alerts follows the similar structure as before but included couple of guards/pre-flight checks to further speed up the matching process. Performance optimization has benefits when migrating repositories with big number of alerts.