-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update azure storage extra data #2808
Update azure storage extra data #2808
Conversation
added two response fields in extra data: 1) container name
body, err := io.ReadAll(res.Body) | ||
if err == nil { | ||
response := storageResponse{} | ||
if err := xml.Unmarshal(body, &response); err == nil { | ||
var containerNames []string | ||
for _, c := range response.Containers.Container { | ||
containerNames = append(containerNames, c.Name) | ||
} | ||
extraData["container_names"] = strings.Join(containerNames, ", ") | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should probably be inside the http.StatusOk
block, as I doubt it would return the info for non-success responses.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
make sense. I have moved the parsing and unmarshaling code in StatusOk block.
if err == nil { | ||
response := storageResponse{} | ||
if err := xml.Unmarshal(body, &response); err == nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would personally invert the conditions so if err != nil
returns the error, rather than discarding it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was in doubt that in case, parsing or unmarshaling get failed, should I return the error and mark verification as fail ? even we get the 200 OK response.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The decoding failing is notable because it's reasonable to expect that a 200 OK
response means the key is valid.
Personally, I might return the error AND set verified = true
because it seems highly unlikely that this would occur. However, per @rosecodym's comment you should return the error and mark verification as failed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rgmz I believe @rosecodym shared 2 choices. the second one seems to be like ignoring the additional metadata if error occures in parsing and reading the stream as verification is based on Status.OK. Please correct me if my understanding is wrong @rosecodym.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, that's correct. There are clearly some general questions to resolve:
- If we can't decode the response body, is that a fatal error?
- How should we handle non-fatal errors?
We need to decide on general answers to these general questions, but until we do, I think it is acceptable to answer them with "no" and "ignore them" respectively, because that represents a minimal change from the current behavior.
(Another option we haven't discussed yet is to redact the errors and put them themselves into ExtraData
.)
return err if parsing or reading response get failed.
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [trufflesecurity/trufflehog](https://togithub.com/trufflesecurity/trufflehog) | action | minor | `v3.76.3` -> `v3.77.0` | --- ### Release Notes <details> <summary>trufflesecurity/trufflehog (trufflesecurity/trufflehog)</summary> ### [`v3.77.0`](https://togithub.com/trufflesecurity/trufflehog/releases/tag/v3.77.0) [Compare Source](https://togithub.com/trufflesecurity/trufflehog/compare/v3.76.3...v3.77.0) #### What's Changed - Remove "finished verificationOverlap chunks" log line by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2860 - fix(deps): update module github.com/wasilibs/go-re2 to v1.5.3 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2861 - fix(deps): update module google.golang.org/api to v0.181.0 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2857 - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.5 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2859 - Update azure storage extra data by [@​abmussani](https://togithub.com/abmussani) in [trufflesecurity/trufflehog#2808 - Update regex for Organization in Azure Devops detector by [@​abmussani](https://togithub.com/abmussani) in [trufflesecurity/trufflehog#2866 - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.6 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2867 - \[chore] - Use http.NewRequestWithContext by [@​ahrav](https://togithub.com/ahrav) in [trufflesecurity/trufflehog#2870 - adding Groq detector by [@​0x1](https://togithub.com/0x1) in [trufflesecurity/trufflehog#2873 - Log reasons for GitLab repo exclusion by [@​rosecodym](https://togithub.com/rosecodym) in [trufflesecurity/trufflehog#2875 - \[github] Scan user repositories by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2814 - Elastic adapter by [@​camgunz](https://togithub.com/camgunz) in [trufflesecurity/trufflehog#2727 - Improve handling of Gist URLs by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2653 - Fix some GitHub source test issues by [@​rgmz](https://togithub.com/rgmz) in [trufflesecurity/trufflehog#2774 - fix(deps): update module github.com/aws/aws-sdk-go to v1.53.10 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2871 - fix(deps): update module github.com/go-logr/logr to v1.4.2 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2869 - fix(deps): update module cloud.google.com/go/secretmanager to v1.13.1 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2884 - fix(deps): update golang.org/x/exp digest to [`4c93da0`](https://togithub.com/trufflesecurity/trufflehog/commit/4c93da0) by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2883 - fix(deps): update module github.com/elastic/go-elasticsearch/v8 to v8.13.1 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2886 - fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.4 by [@​renovate](https://togithub.com/renovate) in [trufflesecurity/trufflehog#2890 - Added extra data for LaunchDarkly by [@​abmussani](https://togithub.com/abmussani) in [trufflesecurity/trufflehog#2836 - feat: support docker image history scanning by [@​jamestelfer](https://togithub.com/jamestelfer) in [trufflesecurity/trufflehog#2882 #### New Contributors - [@​camgunz](https://togithub.com/camgunz) made their first contribution in [trufflesecurity/trufflehog#2727 - [@​jamestelfer](https://togithub.com/jamestelfer) made their first contribution in [trufflesecurity/trufflehog#2882 **Full Changelog**: trufflesecurity/trufflehog@v3.76.3...v3.77.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/matter-labs/docs-nuxt-template). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzcuOCIsInVwZGF0ZWRJblZlciI6IjM3LjM3Ny44IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Description:
Blob service of Azure storage returns containers name in response. From that, containers name is added in extra data.
Checklist:
make test-community
)?make lint
this requires golangci-lint)?