wget source component for downloading scan results #61
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
northdpole
commented
Feb 3, 2024
•
northdpole
commented
- Convert all components to optionally skip the "run tool" step
northdpole
force-pushed
the
scan_results_src
branch
from
b4f76c7 to
6df5170
Compare
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
| if err != nil { | ||
| t.Error(err) | ||
| } | ||
| defer os.Remove(f.Name()) |
There was a problem hiding this comment.
[go/errcheck] reported by reviewdog 🐶
defer os.Remove(f.Name())
| desc0 := DraconDescription{ | ||
| OriginalIssueDescription: results.Flaw[0].IssueDescription, | ||
| } | ||
| d0, _ := json.Marshal(desc0) |
There was a problem hiding this comment.
[go/errcheck] reported by reviewdog 🐶
d0, _ := json.Marshal(desc0)
| desc1 := DraconDescription{ | ||
| OriginalIssueDescription: results.Flaw[1].IssueDescription, | ||
| } | ||
| d1, _ := json.Marshal(desc1) |
There was a problem hiding this comment.
[go/errcheck] reported by reviewdog 🐶
d1, _ := json.Marshal(desc1)
Signed-off-by: Pavlos Tzianos <[email protected]>
The third_party folder is used by please to declare and vendorize third party dependencies. It is no longer needed. Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
The Helm Charts were originally automatically generated by please but now they will be explicitly hardcoded. Signed-off-by: Pavlos Tzianos <[email protected]>
Our kustomizations where not referencing the base component pipeline YAML which caused an error when trying to build the pipelineruns. We also hardcode the namespace to dracon in all the kustomizations, which is something that the user should be able to choose Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Changes: * Remove all BUILD files from the directories of the kustomize-component-generator * move the library into the pkg folder and the main into `cmd/component-generator` * fix the import paths to reflect new reality * add make targets to produce the binary and store it in the bin folder Signed-off-by: Pavlos Tzianos <[email protected]>
…rt of #62) Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
…t of #62) This commit is the last commit cleaning up the third_party directory. This directory is supposed to contain any resources that are imported from third parties as the name suggests. The only resources that we are importing from third parties at the moment are two shell scripts with helpers for beautifying the output of our shell scripts and the TektonCD OpenAPI spec which is used by us to produce OpenAPI schemas for the CRDs. Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
This commit removes all BUILD files from the components and replaces them with two scripts in the scripts folder and make targets that automate building all component containers. The Go binaries are first build using a make target with the `/bin` suffix and the path of the directory of the component. The binaries are then packaged into containers using `docker`. Each container is tagged with a tag that is produced based on the git tag of the commit. If the current commit is not tagged, the container tag will be the commit SHA + how many commits ahead of the latest tagged commit + the latest tag in the branch's history. For some components, extra functionality is needed because we use a different name for the component or some extra functionality. For these cases, we allow a special Makefile to be placed in the directory and we expect targets with specific names to be present. If they are, the top level Makefile will invoke them and allow them to build the component in whatever way they want. Changes Signed-off-by: Pavlos Tzianos <[email protected]>
The dev deployment is now based entirely on Helm packages. The Helm packages are invoked using the `dev-deploy` target which uses various other targets as dependencies to ensure that all Dracon dependencies are deployed with one command. Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
The third_party folder is used by please to declare and vendorize third party dependencies. It is no longer needed. Signed-off-by: Pavlos Tzianos <[email protected]>
The Helm Charts were originally automatically generated by please but now they will be explicitly hardcoded. Signed-off-by: Pavlos Tzianos <[email protected]>
Our kustomizations where not referencing the base component pipeline YAML which caused an error when trying to build the pipelineruns. We also hardcode the namespace to dracon in all the kustomizations, which is something that the user should be able to choose Signed-off-by: Pavlos Tzianos <[email protected]>
Changes: * Remove all BUILD files from the directories of the kustomize-component-generator * move the library into the pkg folder and the main into `cmd/component-generator` * fix the import paths to reflect new reality * add make targets to produce the binary and store it in the bin folder Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
This commit removes all BUILD files from the components and replaces them with two scripts in the scripts folder and make targets that automate building all component containers. The Go binaries are first build using a make target with the `/bin` suffix and the path of the directory of the component. The binaries are then packaged into containers using `docker`. Each container is tagged with a tag that is produced based on the git tag of the commit. If the current commit is not tagged, the container tag will be the commit SHA + how many commits ahead of the latest tagged commit + the latest tag in the branch's history. For some components, extra functionality is needed because we use a different name for the component or some extra functionality. For these cases, we allow a special Makefile to be placed in the directory and we expect targets with specific names to be present. If they are, the top level Makefile will invoke them and allow them to build the component in whatever way they want. Changes Signed-off-by: Pavlos Tzianos <[email protected]>
The dev deployment is now based entirely on Helm packages. The Helm packages are invoked using the `dev-deploy` target which uses various other targets as dependencies to ensure that all Dracon dependencies are deployed with one command. Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
Remove all please related lint commands and refactor Github action to use the newly introduced lint make target. The lint make target invokes in turn reviewdog with the proper configuration that allows multiple tools to be executed in parallel and output configuration. For the Github action we make sure to invoke reviewdog only on the changes introduced in the PR to avoid having to correct existing issues that already existed as a prerequisite of landing a PR. Signed-off-by: Pavlos Tzianos <[email protected]>
Refactors the Github test action to use the newly introduced test make target that invokes go test for all the packages of the repo. The user is able to modify which go packages are being tested using the GO_TEST_PACKAGES environment variable when invoking the make command. Signed-off-by: Pavlos Tzianos <[email protected]>
The Github action checking the format of the code has been refactored to use the newly introduced make target which formats the code. If the Github action discovers that the formatting tools have introduced changes to the codebase it will fail. That way the contributor can be notified that the code is not formatted according to the standards. Signed-off-by: Pavlos Tzianos <[email protected]>
A lot of tests in the pkg where not checking properly for errors returned by various function calls. We also used the `assert.Nil` function for checking for the existence of errors, instead of the `require.NoError` which has clearer semantics and will force the tests to stop immediately if an error has been returned. Finally, in many tests we included the testdata in the GO code which means that changing the data would make it look like we changed the test code itself. The test data where moved into separate folders to make the code clearer to read. Signed-off-by: Pavlos Tzianos <[email protected]>
A lot of tests for our components where not checking properlu for the existence of errors, an issue that was identified by the linters and is now fixed. We also switched to using `require.NoError` to make sure that tests will stop if an error is returned anywhere. Finally, in some tests, testdata where included as variables in the code, which have now been split into their own files for more clarity. Signed-off-by: Pavlos Tzianos <[email protected]>
Signed-off-by: Pavlos Tzianos <[email protected]>
northdpole
force-pushed
the
scan_results_src
branch
from
e1bb1ca to
a066fd2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.