| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Keeping only symlinks as the markup indicator does not trigger CI on
relevant patches changing documentation contents (there's no change in
symlink).
This can be resolved by dropping symlinks usage entirely. Sphinx and RTD
aren't going anywhere anytime soon.
To make sure all symlinks were replaced following one-liner was used:
$ find . -type l -name "*.rst" -exec readlink -e {} \; \
| xargs -I% git mv -f %{,.rst}
which finds all the symlinks in the repo with "*.rst" suffix, then reads
which file they link to and finally replaces given symlink with that
file.
This solution was suggested by:
Bartek Grzybowski <b.grzybowski@partner.samsung.com>
Issue-ID: INT-1672
Change-Id: I120e216b0b48032bb7b80c23cad799cd6f7cca53
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: SECCOM-261
Change-Id: Id4d14cf0997310b7e039fe3f5e18ea72a4f3d71c
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch makes scanner compatible with its shell predecessor. The same
"expected failure" list format is used i.e.
# Comment line; will be ignored
SERVICE1 NODEPORT1
SERVICE2 NODEPORT2
Single space character is used as a field separator.
Issue-ID: SECCOM-261
Change-Id: Ieedd4e98a83ffe242c695133fdf7342e17efa9a2
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
Issue-ID: SECCOM-261
Change-Id: I465282a8793191c45d288284a127e80e1fecf513
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch has not made "sslendpoints" fully compatible with
"check_for_nonssl_endpoints.sh" script yet. It sets up basic development
environment for Golang-based checkers, though.
Tool output will be added to the README after reaching full
compatibility with previous (script) version.
Development environment brought by this patch is heavily based on:
https://github.com/SamsungSLAV/boruta
Issue-ID: SECCOM-261
Change-Id: I8f035b63bea13785c40971ede5fdbbc9b6810168
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
|
This patch introduces a series of patches that will provide tools which
will succeed current security check scripts. Its two main reasons are:
* increasing tools verifiability by providing internal tests,
* improving "expected failure" support by suppressing carefully selected
set of special cases.
Each tool will use following directory structure (generated with
"tree -a --charset=ascii" command):
.
`-- check_module
|-- Dockerfile
|-- .dockerignore
|-- .gitignore
|-- go.mod
|-- main.go
|-- Makefile
|-- README
|-- README.rst -> README
`-- submodule
|-- submodule.go
`-- submodule_test.go
This will allow using Go Modules mechanism within its limitations [1]
for "non-go-get-able modules" [2][3][4] - also in case of separating
code into several modules used by multiple "check modules", e.g.
.
|-- common
| |-- common.go
| |-- common_test.go
| `-- go.mod
`-- check_module
|-- go.mod
`-- ...
It would require migration from separate Dockerfiles to a single one
(multi-stage), though.
Provided Makefiles are intended to simplify local development
(Docker-less building) and container images preparation. READMEs clarify
utility requirements and usage - file without extension is for VCS
reference, symlink for proper syntax rendering.
[1] https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository
[2] https://github.com/golang/go/wiki/Modules#can-i-work-entirely-outside-of-vcs-on-my-local-filesystem
[3] https://github.com/golang/go/issues/26645#issuecomment-408572701
[4] https://www.dim13.org/go-get-cgit
Issue-ID: SECCOM-261
Change-Id: I48eeeda66bd5570d249e96e101e431e6bab75cb3
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
|
Pawel Wieczorek