-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: inline auth for MAAS #198
Conversation
|
GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
---|---|---|---|---|---|
13388493 | Triggered | Generic High Entropy Secret | 03c7f48 | tests/integration/_validator/testcases/data/validator.yaml | View secret |
13388493 | Triggered | Generic High Entropy Secret | 03c7f48 | hack/validator.tmpl | View secret |
13388493 | Triggered | Generic High Entropy Secret | 03c7f48 | tests/integration/_validator/testcases/data/validator.yaml | View secret |
13388493 | Triggered | Generic High Entropy Secret | 03c7f48 | hack/validator.tmpl | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
5d1f150
to
3a4d248
Compare
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
3ae1d6a
to
2ddb989
Compare
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Codecov ReportAttention: Patch coverage is @@ Coverage Diff @@
## main #198 +/- ##
==========================================
- Coverage 53.52% 53.38% -0.15%
==========================================
Files 44 45 +1
Lines 6294 6223 -71
==========================================
- Hits 3369 3322 -47
+ Misses 2076 2063 -13
+ Partials 849 838 -11
Continue to review full report in Codecov by Sentry.
|
Commits finished, ready for review. |
Replace VsphereEntityPrivilegeRule with v1alpha1.EntityPrivilegeValidationRule from plugin. Replace VsphereRolePrivilegeRule with v1alpha1.GenericRolePrivilegeValidationRule from plugin. Replace VsphereTagRule with v1alpha1.TagValidationRule from plugin. Remove top level rule slice fields from Vsphere plugin config struct. Refactor Vsphere prompt code to only fill in the rules nested within the field of the plugin config struct, not duplicating them in the now-removed top level rule slice fields of the plugin config struct. Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
Signed-off-by: Matt Welke <matt.welke@spectrocloud.com>
🤖 I have created a release *beep* *boop* --- ## [0.1.3](v0.1.2...v0.1.3) (2024-09-03) ### Features * inline auth for MAAS ([#198](#198)) ([ed78617](ed78617)) * support Azure plugin community gallery image rule ([#181](#181)) ([3d20725](3d20725)) ### Bug Fixes * ensure ErrValidationFailed is returned for maas direct validation failures ([#179](#179)) ([0e0e7b9](0e0e7b9)) * handle validation errors, result count mismatch ([#204](#204)) ([a2ea08b](a2ea08b)) * only require docker, kind when provisioning kind cluster ([#180](#180)) ([1bbdb0e](1bbdb0e)) * remove duplicate maas base values from template ([#182](#182)) ([cfa39a8](cfa39a8)) * support `validator rules check -f config.yaml` without all plugins defined ([#191](#191)) ([6829834](6829834)) ### Other * cleanup comment ([#176](#176)) ([f371927](f371927)) ### Dependency Updates * **deps:** update anchore/sbom-action action to v0.17.2 ([#184](#184)) ([00d3a5c](00d3a5c)) * **deps:** update github.com/validator-labs/validator-plugin-maas digest to e903cc7 ([#175](#175)) ([09c3ad1](09c3ad1)) * **deps:** update golang.org/x/exp digest to 9b4947d ([#190](#190)) ([8c427e9](8c427e9)) * **deps:** update module github.com/canonical/gomaasclient to v0.7.0 ([#197](#197)) ([f43a5ba](f43a5ba)) * **deps:** update module github.com/validator-labs/validator to v0.1.8 ([#120](#120)) ([fe587c6](fe587c6)) * **deps:** update module github.com/vmware/govmomi to v0.42.0 ([#172](#172)) ([f0488c9](f0488c9)) ### Refactoring * move vsphere account under auth to match new plugin api ([#189](#189)) ([90352e1](90352e1)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
Issue
Resolves #200
Description
Moves the MAAS API token into the
Auth
struct so that all required credentials for MAAS are contained in one place.Also includes a factor. Replaces each
init<plugin>rule
helper function with oneinitRule
function that uses the new validation rule interface to set the name of each rule, regardless of whether the rule is manually named by users and regardless of which plugin it comes from.Also updates each plugin to latest version.