[SDL] CSCAN-GENERAL0060 - File: tests/Aspire.Hosting.Tests/RabbitMQ/AddRabbitMQTests.cs #3162

Closed
RussKie opened this issue Mar 26, 2024 · 0 comments · Fixed by #3245
Labels
area-engineering-systems infrastructure helix infra engineering repo stuff blocking-clean-ci Blocking a green CI security 🔐

RussKie commented Mar 26, 2024

This is a compliance issue, though since we're not using real credentials this is a "false positive". The issue was introduced by #3023.

https://dev.azure.com/dnceng/internal/_build/results?buildId=2414475&view=logs&j=bc38e8b8-e027-53cb-48e7-2adbd1070eca&t=d1aba2c3-5b21-511d-f336-affeabd629f9&l=52

Credential Scanner Error CSCAN-GENERAL0060 - File: tests/Aspire.Hosting.Tests/RabbitMQ/AddRabbitMQTests.cs. Line: 61. Column 1. 
Signature: e8715d14a0866d36d90e86bd39d2fdb641fed797b3870339d9b47f0cd739b1a6
Tool: Credential Scanner: Rule: CSCAN-GENERAL0060 (Found General Password.). 
{Searcher}CSCAN-GENERAL0060
{Code}See AddRabbitMQTests.cs line 61 for the code resulting in match
{Info}Found General Password.
{Suggest}Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan 

My understanding is that the scanner isn't liking the guest:pass1 part of the Assert.Equal("amqp://guest:pass1@localhost:27011", connectionString); line.
@eerhardt could you please have it remediated?
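
Added illustration, not part of the issue thread and not the Credential Scanner's own rule logic (the page does not show how CSCAN-GENERAL0060 matches): a small Python check for the pattern the comment points at, a password embedded in a URI's userinfo, run over constructed sample lines. The names `find_uri_credentials`, `URI_RE` and `SAMPLE` are hypothetical.

```python
import re
from urllib.parse import urlsplit

# Candidate URIs: scheme://... up to whitespace, a quote or an angle bracket.
URI_RE = re.compile(r"[A-Za-z][A-Za-z0-9+.-]*://[^\s\"'<>]+")

def find_uri_credentials(text):
    """Return (line, column, redacted_uri) for each URI whose userinfo has a password."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in URI_RE.finditer(line):
            uri = match.group(0)
            try:
                # urlsplit confines userinfo to the authority part, so a
                # "user:pw@" look-alike inside a path or query is not reported.
                password = urlsplit(uri).password
            except ValueError:
                continue  # malformed authority, e.g. an unbalanced IPv6 bracket
            if not password:
                continue  # no userinfo, or "user:@host" with an empty password
            # Never echo the secret itself into scanner output.
            redacted = uri.replace(f":{password}@", ":***@", 1)
            findings.append((lineno, match.start() + 1, redacted))
    return findings

# Constructed sample input. Line 2 is the assertion quoted in the issue; lines 1
# and 3 are made-up negatives (a port-only authority, and ':' and '@' in a query).
SAMPLE = '''\
var plain = "amqp://localhost:27011";
Assert.Equal("amqp://guest:pass1@localhost:27011", connectionString);
var link = "https://example.test/login?next=a:b@c";
'''

if __name__ == "__main__":
    for lineno, column, uri in find_uri_credentials(SAMPLE):
        print(f"line {lineno}, column {column}: password in URI userinfo: {uri}")
```

A check like this cannot tell a test fixture from a live credential, which is why the finding above is reported even though no real credentials are in use.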

RussKie added a commit that referenced this issue Mar 28, 2024
@github-actions github-actions bot locked and limited conversation to collaborators Apr 27, 2024