Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Github Token as argument to appsec:ruleset:update task #3895

Merged
merged 3 commits into from
Sep 6, 2024
Merged

Add Github Token as argument to appsec:ruleset:update task #3895

merged 3 commits into from
Sep 6, 2024

Conversation

y9v
Copy link
Member

@y9v y9v commented Sep 6, 2024

What does this PR do?
This PR modifies appsec:ruleset:update rake task to use GITHUB_TOKEN env variable for fetching AppSec rulesets.

Motivation:
Repository appsec-event-rules is now private, so we can't download ruleset files without a token.

Additional Notes:
-

How to test the change?
Run GITHUB_TOKEN=... bundle exec rake appsec:ruleset:update[1.13.1]

@y9v y9v self-assigned this Sep 6, 2024
@y9v y9v requested a review from a team as a code owner September 6, 2024 13:46
TonyCTHsu
TonyCTHsu reviewed Sep 6, 2024
View reviewed changes
tasks/appsec.rake Outdated
http.request(req) do |res|
case res
when Net::HTTPSuccess
File.open("lib/datadog/appsec/assets/waf_rules/#{ruleset}.json", 'wb') do |f|
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor: Perhaps validate whether the file exist before sending http request. Kind of being protective when people refactor code and move files around.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, it definitely makes sense to check

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added here: e3a7fcd

@pr-commenter
Copy link

pr-commenter bot commented Sep 6, 2024
edited
Loading

Benchmarks

Benchmark execution time: 2024-09-06 14:40:18

Comparing candidate commit e3a7fcd in PR branch appsec-add-pat-to-ruleset-update-task with baseline commit 298af84 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 23 metrics, 2 unstable metrics.

@codecov-commenter
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 97.86%. Comparing base (298af84) to head (e3a7fcd).
Report is 5 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3895   +/-   ##
=======================================
  Coverage   97.85%   97.86%           
=======================================
  Files        1277     1277           
  Lines       76403    76403           
  Branches     3744     3744           
=======================================
+ Hits        74767    74772    +5     
+ Misses       1636     1631    -5

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@y9v y9v merged commit f962063 into master Sep 6, 2024
189 of 191 checks passed
@y9v y9v deleted the appsec-add-pat-to-ruleset-update-task branch September 6, 2024 15:02
@anmarchenko anmarchenko added this to the 2.4.0 milestone Sep 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TonyCTHsu TonyCTHsu TonyCTHsu approved these changes

@anmarchenko anmarchenko anmarchenko approved these changes

Assignees

@y9v y9v

Labels
None yet
Projects
None yet
Milestone
2.4.0
Development

Successfully merging this pull request may close these issues.
4 participants
@y9v @codecov-commenter @anmarchenko @TonyCTHsu