Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improving rule r0006 #410

Merged
merged 7 commits into from
Nov 24, 2024
Merged

Improving rule r0006 #410

merged 7 commits into from
Nov 24, 2024

Conversation

amitschendel
Copy link
Collaborator

Overview

@amitschendel
Improving rule r0006
82c1608 
Signed-off-by: Amit Schendel <[email protected]>
@amitschendel amitschendel requested a review from matthyx November 21, 2024 11:25
@amitschendel amitschendel added the release Create release label Nov 21, 2024
matthyx
matthyx reviewed Nov 21, 2024
View reviewed changes
pkg/ruleengine/v1/r0006_unexpected_service_account_token_access.go

// normalizeTokenPath removes timestamp directories from the path while maintaining
// the essential structure. Optimized for minimal allocations.
func normalizeTokenPath(path string) string {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do you have a time constraint on this? because splitting and joining strings are really wasteful
you can check how much fun we had with indexing strings in https://github.com/kubescape/storage/blob/2b75b33130a55255df7575dc473a49858e3e325d/pkg/registry/file/dynamicpathdetector/analyzer.go#L137

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you have a better suggestion? I am not that worried about performance because we first filter the prefix, wdyt?

matthyx
matthyx previously approved these changes Nov 21, 2024
View reviewed changes
Copy link
Contributor

@matthyx matthyx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just check the comment regarding performance

@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel
Fixing logic
dc7b638 
Signed-off-by: Amit Schendel <[email protected]>
@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel
Adding test
3da3346 
Signed-off-by: Amit Schendel <[email protected]>
@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel
Fixing test
67327b3 
Signed-off-by: Amit Schendel <[email protected]>
@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel
Adding test
4dd1789 
Signed-off-by: Amit Schendel <[email protected]>
@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel
Removing patch command
79fec5d 
Signed-off-by: Amit Schendel <[email protected]>
@github-actions GitHub Actions
Copy link

Summary:

  • License scan: success
  • Credentials scan: failure
  • Vulnerabilities scan: failure
  • Unit test: success
  • Go linting: success

@amitschendel amitschendel merged commit 4200522 into main Nov 24, 2024
19 checks passed
@amitschendel amitschendel deleted the feature/improve-rule branch November 24, 2024 12:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthyx matthyx matthyx left review comments

Assignees
No one assigned
Labels
release Create release
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@amitschendel @matthyx