ROX-14973: Various fixes for release-3.72#4830
Conversation
|
/test openshift-newest-operator-e2e-tests |
1 similar comment
|
/test openshift-newest-operator-e2e-tests |
|
Images are ready for the commit at 0a735eb. To use with deploy scripts, first |
|
/test openshift-penultimate-operator-e2e-tests |
|
| GitGuardian id | Secret | Commit | Filename | |
|---|---|---|---|---|
| 3038032 | Generic High Entropy Secret | 4bba794 | sensor/common/centralclient/client_test.go | View secret |
| 3038032 | Generic High Entropy Secret | 4bba794 | sensor/common/centralclient/client_test.go | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Our GitHub checks need improvements? Share your feedbacks!
|
/test openshift-penultimate-operator-e2e-tests /test openshift-penultimate-qa-e2e-tests |
| @@ -18,13 +18,14 @@ $ LOAD_BALANCER=route ./deploy/openshift/deploy.sh | |||
|
|
|||
There was a problem hiding this comment.
(not about this line)
It seems changes are applied fine in this PR (except of one case I highlighted).
I did not go to check what each separate included PR means or fixes, but the ones about PSP and CronJobs that are included definitely seem relevant.
My main question: what was the method you used to determine which changes to pick for this PR?
How do we make sure that there are no other PRs that should be included too?
There was a problem hiding this comment.
Looks like all items returned from the following commands are here and the rest I assume were hand-picked for tests to pass.
git log -G PodSecurityPolicy
git log -G PSP
git log -G batch/v1
msugakov
left a comment
There was a problem hiding this comment.
Please delete the redundant fragment.
Co-authored-by: Misha Sugakov <537715+msugakov@users.noreply.github.com>
Description
WIP.
Picked so far
d955417 [ROX-13500] Perform type check for V1 CronJob (#3787)
eb1b45f Start using the batch/v1 api for CronJobs (#3854)
5e1595c ROX-14485: update monitoring psp (#4655)
f5baf26 ROX-14427: set PSPs for CI to false for k8s version 1.25 and higher (#4488)
42719ea ROX-12856: roxctl: Make sure that PSPs are not rendered for deployment bundles (#3230)
For test flakes
497b8b2 [ROX-9864] : Sleep after creating deployment to wait for image CVEs being discovered and added to db (#3834)
75091a7 CI: Handle updated vuln counts (#3471)
8b7f402 CI: Increase a range of CVE count to avoid flakes (#3415)
d252f1f Drop PodSecurityPolicy from errors files. (#4774)
4bba794 Fix TLSChallenge certificate test flake and increase cert expiry date (#3843)
3c38bb8 booleanpolicy-test-follow-up (#4255)
dec194c fix-booleanpolicy-test (#4253)
4b47141 CI: Switch to containerd for k8s v1.23 support (#3650)
Checklist
Testing Performed
CI is sufficient