diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 435c87e5b..3bfba4916 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,3 +1,3 @@
 # GitHub code owners
 # See https://github.com/blog/2392-introducing-code-owners
-* @wiliansilvazup @matheusalcantarazup @lucasbrunozup @nathanmartinszup @iancardosozup @oliveirafelipezup
+* @ZupIT/project-horus-sec-rw @ZupIT/project-horus-sec-admin @ZupIT/appsec-admin
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index 989d98345..07ed2802a 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -33,5 +33,10 @@ jobs:
 - uses: actions/setup-go@v3
 with:
 go-version: 1.17
+
+ - name: Download Examples repository
+ run: |
+ git clone https://github.com/ZupIT/horusec-examples-vulnerabilities.git ../horusec-examples-vulnerabilities
+
 - name: coverage
 run: make coverage
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 83a1832fe..340008c62 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -50,5 +50,9 @@ jobs:
 with:
 docker_buildx: false
 
+ - name: Download Examples repository
+ run: |
+ git clone https://github.com/ZupIT/horusec-examples-vulnerabilities.git ../horusec-examples-vulnerabilities
+
 - name: test
 run: make test
diff --git a/e2e/analysis/test_case.go b/e2e/analysis/test_case.go
index 8ebad595d..561b4d341 100644
--- a/e2e/analysis/test_case.go
+++ b/e2e/analysis/test_case.go
@@ -651,7 +651,7 @@ func NewTestCase() []*TestCase {
 testutil.StartFlagEnableGitHistory: "true",
 testutil.StartFlagEnableCommitAuthor: "true",
 testutil.StartFlagAnalysisTimeout: "10000",
- testutil.StartFlagIgnore: "**/ruby/**, **/javascript/**, **/python/**, **/go/**",
+ testutil.StartFlagIgnore: "**/ruby/**, **/javascript/**, **/python/**, **/go/example*/**",
 },
 },
 Expected: Expected{
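Review bot: The new `*` rule names three teams, and GitHub only honours a team in CODEOWNERS when that team is visible and has been granted write access to this repository; an entry that fails either condition is ignored without an error. Whether `@ZupIT/project-horus-sec-rw`, `@ZupIT/project-horus-sec-admin` and `@ZupIT/appsec-admin` meet that is not visible from the diff, so it is worth confirming before relying on required code-owner review. A comment above the rule such as `# Owning teams need write access to this repo, otherwise the rule is silently skipped` would record the constraint.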
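Review bot: The added `git clone` step in `coverage.yml` pulls whatever the default branch of `horusec-examples-vulnerabilities` holds at run time, so a push to that repository can change or break the result without any change here; the same step is added to `.github/workflows/test.yml`. The new test in `language_detect_test.go` asserts on a specific file in that checkout (`.github/workflows/license.yaml`), which ties the run to that repository's current content. Pinning both steps to a reviewed commit keeps CI reproducible, for example `git clone https://github.com/ZupIT/horusec-examples-vulnerabilities.git ../horusec-examples-vulnerabilities && git -C ../horusec-examples-vulnerabilities checkout <PINNED_COMMIT_SHA>`.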
diff --git a/internal/controllers/language_detect/language_detect.go b/internal/controllers/language_detect/language_detect.go
index 7a657947e..30413d26f 100644
--- a/internal/controllers/language_detect/language_detect.go
+++ b/internal/controllers/language_detect/language_detect.go
@@ -168,7 +168,7 @@ func (ld *LanguageDetect) checkDefaultPathsToIgnore(path string) bool {
 }
 }
 if !ld.config.EnableGitHistoryAnalysis {
- return strings.Contains(path, ".git")
+ return strings.Contains(path, ".git"+string(os.PathSeparator)) || strings.HasSuffix(path, ".git")
 }
 return false
 }
diff --git a/internal/controllers/language_detect/language_detect_test.go b/internal/controllers/language_detect/language_detect_test.go
index df0f6473d..8fbca5cd8 100644
--- a/internal/controllers/language_detect/language_detect_test.go
+++ b/internal/controllers/language_detect/language_detect_test.go
@@ -70,6 +70,27 @@ func TestLanguageDetectIgnoreFiles(t *testing.T) {
 assertTestLanguageDetectIgnoreFiles(t, cfg)
 }
 
+func TestLanguageDetectIgnoreFilesGithubFolder(t *testing.T) {
+ logger.LogSetOutput(io.Discard)
+
+ cfg := config.New()
+ cfg.EnableGitHistoryAnalysis = true
+ cfg.EnableCommitAuthor = true
+ cfg.FilesOrPathsToIgnore = []string{"**/leaks/**", "**/yaml/**"}
+ cfg.ProjectPath = filepath.Join(testutil.RootPath, "..", "horusec-examples-vulnerabilities")
+
+ analysisID := uuid.New()
+
+ ld := NewLanguageDetect(cfg, analysisID)
+
+ langs, err := ld.Detect(cfg.ProjectPath)
+ assert.Contains(t, langs, languages.Yaml)
+ assert.NoError(t, err)
+ assert.DirExists(t, filepath.Join(cfg.ProjectPath, ".horusec", analysisID.String(), ".git"))
+ assert.DirExists(t, filepath.Join(cfg.ProjectPath, ".horusec", analysisID.String(), ".github"))
+ assert.FileExists(t, filepath.Join(cfg.ProjectPath, ".horusec", analysisID.String(), ".github", "workflows", "license.yaml"))
+}
+
 func assertTestLanguageDetectIgnoreFiles(t *testing.T, cfg *config.Config) {
 analysisID := uuid.New()
 
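Review bot: The new condition in `checkDefaultPathsToIgnore` still treats `.git` as a substring rather than a path element: `strings.Contains(path, ".git"+string(os.PathSeparator))` also matches any directory whose name merely ends in `.git` (a constructed example is `vendor/lib.git/main.go`), and `strings.HasSuffix(path, ".git")` matches any file with that ending. For a scanner this means such paths are skipped without notice, which is a false-negative risk. Comparing whole path elements removes both cases; this assumes `path` uses the OS separator, as the added line already does. The function starts above the hunk, so the loop before this `if` is not visible here.

```go
	if !ld.config.EnableGitHistoryAnalysis {
		// Ignore only a path element that is exactly ".git", not names that contain it.
		for _, elem := range strings.Split(path, string(os.PathSeparator)) {
			if elem == ".git" {
				return true
			}
		}
	}
	return false
```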
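Review bot: `TestLanguageDetectIgnoreFilesGithubFolder` sets `cfg.EnableGitHistoryAnalysis = true`, while the condition changed in `checkDefaultPathsToIgnore` sits behind `if !ld.config.EnableGitHistoryAnalysis`, so judging by the visible lines this test never executes the new `.git` check and would likely pass without the fix. A second case with `cfg.EnableGitHistoryAnalysis = false` that keeps the `.github` assertions and adds `assert.NoDirExists(t, filepath.Join(cfg.ProjectPath, ".horusec", analysisID.String(), ".git"))` would cover the branch this commit changes. The test also fails rather than skips when the sibling `horusec-examples-vulnerabilities` checkout is missing, and `err` is asserted only after `langs` has been used.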
diff --git a/internal/services/formatters/generic/deployments/Dockerfile b/internal/services/formatters/generic/deployments/Dockerfile
index 700d71635..1d06ab0d3 100644
--- a/internal/services/formatters/generic/deployments/Dockerfile
+++ b/internal/services/formatters/generic/deployments/Dockerfile
@@ -21,6 +21,8 @@ RUN "$JAVA_HOME/bin/jlink" --compress=2 \
 
 FROM python:3.10.4-alpine3.14
 
+RUN apk add build-base
+
 RUN pip install semgrep==v0.85.0
 
 COPY --from=jlink /jlinked /opt/jdk/
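Review bot: `RUN apk add build-base` leaves a compiler toolchain in the final runtime image and keeps the apk index in the layer, which enlarges the image and its attack surface. If the toolchain is needed only to build semgrep's dependencies, install and remove it in the same layer: `RUN apk add --no-cache --virtual .build-deps build-base && pip install semgrep==v0.85.0 && apk del .build-deps`. If some library turns out to be needed at run time, install just that package instead of all of `build-base`. A short comment stating why the toolchain is required would also help the next semgrep upgrade.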