Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gitlab: Add support for the Release entity #4706

Merged
merged 3 commits into from
Oct 10, 2024
Merged

Gitlab: Add support for the Release entity #4706

merged 3 commits into from
Oct 10, 2024

Conversation

JAORMX
Copy link
Contributor

@JAORMX JAORMX commented Oct 10, 2024
edited
Loading

Summary

This adds preliminary support for the Release entity within the gitlab provider.

A release is based on a tag and has branch information (critical for remediating the flow).

Note that it requires #4704 to merge beforehand.

Change Type

Mark the type of change your PR introduces:

  • Bug fix (resolves an issue without affecting existing features)
  • Feature (adds new functionality without breaking changes)
  • Breaking change (may impact existing functionalities or require documentation updates)
  • Documentation (updates or additions to documentation)
  • Refactoring or test improvements (no bug fixes or new functionality)

Testing

Outline how the changes were tested, including steps to reproduce and any relevant configurations.
Attach screenshots if helpful.

Review Checklist:

  • Reviewed my own code for quality and clarity.
  • Added comments to complex or tricky code sections.
  • Updated any affected documentation.
  • Included tests that validate the fix or feature.
  • Checked that related changes are merged.

@JAORMX JAORMX marked this pull request as draft October 10, 2024 02:43
@stacklok-cloud-staging Stacklok Cloud (Staging)
Copy link

stacklok-cloud-staging bot commented Oct 10, 2024
edited
Loading

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of 90f94111:

  • 🐞 vulnerable packages: 0
  • 🛠 fixes available for: 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Oct 10, 2024
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: golang.org/x/mod

Trusty Score: 0

Scoring details
Component Score
Repository activity 0
From activity
Package activity 0
Trust-summary 2.7
Provenance 10
User activity 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Oct 10, 2024
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: golang.org/x/mod

Trusty Score: 0

Scoring details
Component Score
Trust-summary 0
Provenance 10
User activity 0
Repository activity 0
From activity
Package activity 0

@coveralls
Copy link

coveralls commented Oct 10, 2024
edited
Loading

Coverage Status

coverage: 52.865% (-0.5%) from 53.34%
when pulling c58f99a on JAORMX:gitlab-releases
into a4d5c7f on stacklok:main.

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Oct 10, 2024
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: golang.org/x/mod

Trusty Score: 0

Scoring details
Component Score
Provenance 10
User activity 0
Repository activity 0
From activity
Package activity 0
Trust-summary 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Oct 10, 2024
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: golang.org/x/mod

Trusty Score: 0

Scoring details
Component Score
Trust-summary 0
Provenance 10
User activity 0
Repository activity 0
From activity
Package activity 0

stacklok-cloud-staging[bot]
stacklok-cloud-staging bot reviewed Oct 10, 2024
View reviewed changes
Copy link

@stacklok-cloud-staging stacklok-cloud-staging bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency Information

Minder analyzed the dependencies introduced in this pull request and detected that some dependencies do not meet your security profile.

📦 Dependency: golang.org/x/mod

Trusty Score: 0

Scoring details
Component Score
From activity
Package activity 0
Trust-summary 0
Provenance 10
User activity 0
Repository activity 0

@JAORMX JAORMX changed the title Gitlab: Add support for the Release entity. Gitlab: Add support for the Release entity Oct 10, 2024
@JAORMX
Gitlab: Add support for the Release entity.
bc06fc9 
Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX
Add tag to persistent properties for gitlab releases
de60f29 
This also renames `tag_name` to just `tag`

Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX
Add release output to profile get list
c58f99a 
Signed-off-by: Juan Antonio Osorio <[email protected]>
@JAORMX JAORMX marked this pull request as ready for review October 10, 2024 16:58
puerco
puerco approved these changes Oct 10, 2024
View reviewed changes
Copy link
Contributor

@puerco puerco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I think there are a few other properties that we should capture but this is an awesome start. Thanks!

internal/providers/gitlab/manager/webhook_handlers_releases.go
// TODO: Should we explicitly handle upcoming/historical releases?

switch {
case releaseEvent.Action == "create":
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These should be constants in the gitlab module but they are missing them. I'll add them.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Follow up xanzy/go-gitlab#2032

@JAORMX JAORMX merged commit 11b9b31 into mindersec:main Oct 10, 2024
20 checks passed
@JAORMX JAORMX deleted the gitlab-releases branch October 10, 2024 19:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stacklok-cloud-staging stacklok-cloud-staging[bot] stacklok-cloud-staging[bot] left review comments

@puerco puerco puerco approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JAORMX @coveralls @puerco