buildah: ignore tests and vendor directories #30

Merged
merged 1 commit into from
May 7, 2025

@siteshwar

@lsm5 Would it be possible for you to review this pull request? There has been a significant amount of warnings generated for tests. Scanning these tests should be disabled unless upstream plans to fix them.

@siteshwar

However, there have been several fixes made in tests due to reports from OpenScanHub:

containers/buildah#6023 (comment)
containers/buildah#5841 (comment)
containers/buildah#6126 (comment)

@siteshwar

@lsm5 All of these findings are from shellcheck. It would be more useful to directly enable differential shellcheck in upstream to catch these warnings automatically. I am going to merge this pull request.

@siteshwar siteshwar merged commit 5770581 into openscanhub:main May 7, 2025
@siteshwar siteshwar deleted the add-kfp-buildah branch May 7, 2025 07:04

lsm5 commented May 7, 2025

> @lsm5 All of these findings are from shellcheck. It would be more useful to directly enable differential shellcheck in upstream to catch these warnings automatically. I am going to merge this pull request.

Ack, I guess we can't control much the stuff in buildah/vendor/ but something can (and should) be done about the test scripts. Differential shellcheck sgtm. @nalind @flouthoc wdyt?


siteshwar commented May 7, 2025

@lsm5 I would go further and suggest that you disable the osh-diff-scan check in upstream. We are not scanning Go code yet. So, scan results would be empty. However, you would still see the results during mass scans.

lsm5 added a commit to lsm5/buildah that referenced this pull request May 7, 2025
No golang support yet in osh diff scan.
Ref: openscanhub/known-false-positives#30 (comment)

Signed-off-by: Lokesh Mandvekar <[email protected]>