Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ease how we determine preprocessed location #298

Closed
wants to merge 3 commits into from
Closed

Ease how we determine preprocessed location #298

wants to merge 3 commits into from

Conversation

jeremyf
Copy link
Contributor

@jeremyf jeremyf commented Nov 27, 2023

🐛 Ease how we determine preprocessed location

8997cf6

Prior to this commit, we assumed the ancestor must have an AARK_ID.
However that is not always the case. Which is confounding given the
data structure of the files; however such is the way of the world.

With this commit we fallback to the file_set's internal information to
attempt to find the file in the preprocessed location. Namely if the
FileSet had an import_url, we'll use that to derive where it probably
went in SpaceStone.

Note: sniffing out where this file exists in SpaceStone is a very
fragile process.

Closes #289

Related to:

🧹 Add .internal_test_app

11a1ae3

Prior to this commit, when we'd push this to CI, we'd continue to
rebuild the .internal_test_app; this resulted in 2 hour build times.

By adding it to the repository, we explicitly say when we want to
rebuild the internal test application (e.g. by deleting it and letting a
local bundle exec rake rebuild it).

See the README.md for more details.

🤖 Ignore generated secrets

f50a625

I generated this file by:

  1. brew install ggshield
  2. ggshield secret scan path .internal_test_app --recursive
  3. ggshield secret ignore --last-found

First, to install the Git Guardian ggshield. Then to scan the newly
committed .internal_test_app. Finally ignoring the last found
secrets.

Prior to this commit, we assumed the ancestor must have an AARK_ID.
However that is not always the case.  Which is confounding given the
data structure of the files; however such is the way of the world.

With this commit we fallback to the file_set's internal information to
attempt to find the file in the preprocessed location.  Namely if the
FileSet had an import_url, we'll use that to derive where it probably
went in SpaceStone.

Note: sniffing out where this file exists in SpaceStone is a very
fragile process.

Closes #289

Related to:

- #289
Prior to this commit, when we'd push this to CI, we'd continue to
rebuild the `.internal_test_app`; this resulted in 2 hour build times.

By adding it to the repository, we explicitly say when we want to
rebuild the internal test application (e.g. by deleting it and letting a
local `bundle exec rake` rebuild it).

See the README.md for more details.
I generated this file by:

1. `brew install ggshield`
2. `ggshield secret scan path .internal_test_app --recursive`
3. `ggshield secret ignore --last-found`

First, to install the Git Guardian `ggshield`.  Then to scan the newly
committed `.internal_test_app`.  Finally ignoring the last found
secrets.
Copy link

gitguardian bot commented Nov 27, 2023

⚠️ GitGuardian has uncovered 2 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request
GitGuardian id Secret Commit Filename
8878544 Rails Master Key 11a1ae3 .internal_test_app/config/master.key View secret
8878545 Generic High Entropy Secret 11a1ae3 .internal_test_app/config/initializers/devise.rb View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secrets safely. Learn here the best practices.
  3. Revoke and rotate these secrets.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider


🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!

@jeremyf jeremyf closed this Nov 27, 2023
@jeremyf jeremyf deleted the i289 branch November 27, 2023 16:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

🐛 Improve error handling due to missing parent_work_identifier_property_name value
1 participant