
🐛 Add pip installs to Pinned-Dependencies score #2922

Merged
18 changes: 17 additions & 1 deletion checks/evaluation/pinned_dependencies.go
Expand Up @@ -121,14 +121,21 @@ func PinningDependencies(name string, c *checker.CheckRequest,
return checker.CreateRuntimeErrorResult(name, err)
}

// Pip installs.
pipScore, err := createReturnForIsPipInstallPinned(pr, dl)
if err != nil {
return checker.CreateRuntimeErrorResult(name, err)
}

// Scores may be inconclusive.
actionScore = maxScore(0, actionScore)
dockerFromScore = maxScore(0, dockerFromScore)
dockerDownloadScore = maxScore(0, dockerDownloadScore)
scriptScore = maxScore(0, scriptScore)
pipScore = maxScore(0, pipScore)

score := checker.AggregateScores(actionScore, dockerFromScore,
dockerDownloadScore, scriptScore)
dockerDownloadScore, scriptScore, pipScore)

if score == checker.MaxResultScore {
return checker.CreateMaxScoreResult(name, "all dependencies are pinned")
Expand Down Expand Up @@ -244,6 +251,15 @@ func createReturnForIsDockerfileFreeOfInsecureDownloads(pr map[checker.Dependenc
dl)
}

// Create the result for pip install commands.
func createReturnForIsPipInstallPinned(pr map[checker.DependencyUseType]pinnedResult,
dl checker.DetailLogger,
) (int, error) {
return createReturnValues(pr, checker.DependencyUseTypePipCommand,
"Pip installs are pinned",
dl)
}

func createReturnValues(pr map[checker.DependencyUseType]pinnedResult,
t checker.DependencyUseType, infoMsg string,
dl checker.DetailLogger,
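Review bot: `pipScore = maxScore(0, pipScore)` feeds the new dimension into `checker.AggregateScores` as 0 whenever `createReturnForIsPipInstallPinned` reports an inconclusive result, so if createReturnValues (its body is outside this hunk) returns inconclusive for a repository that has no pip install commands at all, every project without pip usage loses aggregate score for a risk it does not carry. The e2e expectations in e2e/pinned_dependencies_test.go dropping from 2 to 1 while NumberOfWarn and NumberOfInfo stay unchanged would be consistent with that, though it cannot be confirmed from these hunks. Worth either confirming that an absent dependency type yields MaxResultScore, or aggregating only the dimensions that were actually evaluated so the check measures pinning rather than ecosystem count. Separately, the comment on the new helper should follow the name-first convention, e.g. `// createReturnForIsPipInstallPinned builds the pinned-result score for pip install commands.` PinningDependencies starts and ends outside the hunk.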
6 changes: 3 additions & 3 deletions checks/evaluation/pinned_dependencies_test.go
Expand Up @@ -109,7 +109,7 @@ func Test_PinningDependencies(t *testing.T) {
Error: nil,
Score: checker.MaxResultScore,
NumberOfWarn: 0,
NumberOfInfo: 5,
NumberOfInfo: 6,
NumberOfDebug: 1,
},
},
Expand All @@ -128,9 +128,9 @@ func Test_PinningDependencies(t *testing.T) {
},
expected: scut.TestReturn{
Error: nil,
Score: 5,
Score: 6,
NumberOfWarn: 1,
NumberOfInfo: 3,
NumberOfInfo: 4,
NumberOfDebug: 1,
},
},
6 changes: 3 additions & 3 deletions e2e/pinned_dependencies_test.go
Expand Up @@ -49,7 +49,7 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
}
expected := scut.TestReturn{
Error: nil,
Score: 2,
Score: 1,
NumberOfWarn: 139,
NumberOfInfo: 1,
NumberOfDebug: 0,
Expand All @@ -74,7 +74,7 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
}
expected := scut.TestReturn{
Error: nil,
Score: 2,
Score: 1,
NumberOfWarn: 139,
NumberOfInfo: 1,
NumberOfDebug: 0,
Expand Down Expand Up @@ -110,7 +110,7 @@ var _ = Describe("E2E TEST:"+checks.CheckPinnedDependencies, func() {
}
expected := scut.TestReturn{
Error: nil,
Score: 2,
Score: 1,
NumberOfWarn: 139,
NumberOfInfo: 1,
NumberOfDebug: 0,