From 97ec8a0aff91120d8423c35f159563ff85c5e126 Mon Sep 17 00:00:00 2001
From: Admon Sasson
Date: Thu, 17 Dec 2020 16:07:13 +0200
Subject: [PATCH] feat: add go.mod and go.sum manifest to all scms
---
 .../azure-repos/accept.json.sample | 6 +-
 .../bitbucket-server/accept.json.sample | 44 +++++++
 .../github-com/accept.json.sample | 112 ++++++++++++++++++
 .../github-enterprise/accept.json.sample | 112 ++++++++++++++++++
 client-templates/gitlab/accept.json.sample | 92 +++++++++++++-
 5 files changed, 361 insertions(+), 5 deletions(-)
diff --git a/client-templates/azure-repos/accept.json.sample b/client-templates/azure-repos/accept.json.sample
index 37a8903df..ad788b3a2 100644
--- a/client-templates/azure-repos/accept.json.sample
+++ b/client-templates/azure-repos/accept.json.sample
@@ -133,7 +133,11 @@
 "**/Podfile",
 "**%2FPodfile",
 "**/Podfile.lock",
- "**%2FPodfile.lock"
+ "**%2FPodfile.lock",
+ "**/go.mod",
+ "**%2Fgo.mod",
+ "**/go.sum",
+ "**%2Fgo.sum"
 ]
 },
 {
diff --git a/client-templates/bitbucket-server/accept.json.sample b/client-templates/bitbucket-server/accept.json.sample
index 6843df6f1..53fb9a255 100644
--- a/client-templates/bitbucket-server/accept.json.sample
+++ b/client-templates/bitbucket-server/accept.json.sample
@@ -656,6 +656,50 @@
 "password": "${BITBUCKET_PASSWORD}"
 }
 },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/projects/:project/repos/:repo/browse*/go.mod",
+ "origin": "https://${BITBUCKET_API}",
+ "auth": {
+ "scheme": "basic",
+ "username": "${BITBUCKET_USERNAME}",
+ "password": "${BITBUCKET_PASSWORD}"
+ }
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/projects/:project/repos/:repo/browse*%2Fgo.mod",
+ "origin": "https://${BITBUCKET_API}",
+ "auth": {
+ "scheme": "basic",
+ "username": "${BITBUCKET_USERNAME}",
+ "password": "${BITBUCKET_PASSWORD}"
+ }
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/projects/:project/repos/:repo/browse*/go.sum",
+ "origin": "https://${BITBUCKET_API}",
+ "auth": {
+ "scheme": "basic",
+ "username": "${BITBUCKET_USERNAME}",
+ "password": "${BITBUCKET_PASSWORD}"
+ }
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/projects/:project/repos/:repo/browse*%2Fgo.sum",
+ "origin": "https://${BITBUCKET_API}",
+ "auth": {
+ "scheme": "basic",
+ "username": "${BITBUCKET_USERNAME}",
+ "password": "${BITBUCKET_PASSWORD}"
+ }
+ },
 {
 "//": "used to scan Dockerfile",
 "method": "GET",
diff --git a/client-templates/github-com/accept.json.sample b/client-templates/github-com/accept.json.sample
index 34b8af30f..2c369d976 100644
--- a/client-templates/github-com/accept.json.sample
+++ b/client-templates/github-com/accept.json.sample
@@ -233,6 +233,22 @@
 {
 "path": "commits.*.modified.*",
 "value": "Podfile.lock"
+ },
+ {
+ "path": "commits.*.added.*",
+ "value": "go.mod"
+ },
+ {
+ "path": "commits.*.modified.*",
+ "value": "go.mod"
+ },
+ {
+ "path": "commits.*.added.*",
+ "value": "go.sum"
+ },
+ {
+ "path": "commits.*.modified.*",
+ "value": "go.sum"
 }
 ]
 },
@@ -999,6 +1015,54 @@
 "path": "/:name/:repo/:path*%2FPodfile.lock",
 "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
 },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
 {
 "//": "used to scan Dockerfile",
 "method": "GET",
@@ -1672,6 +1736,54 @@
 "path": "/:name/:repo/:path*%2FPodfile.lock",
 "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
 },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
 {
 "//": "used to write or update ignore rules or existing patches",
 "method": "PUT",
diff --git a/client-templates/github-enterprise/accept.json.sample b/client-templates/github-enterprise/accept.json.sample
index 153e7439a..e7e77c805 100644
--- a/client-templates/github-enterprise/accept.json.sample
+++ b/client-templates/github-enterprise/accept.json.sample
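Review bot: Four of the eight PUT rules added in this hunk target `https://${GITHUB_TOKEN}@${GITHUB_RAW}` (the `/:name/:repo/:path*/go.mod` and `%2Fgo.mod` paths and their go.sum equivalents). If GITHUB_RAW is the raw file-content host, as the variable name suggests, it serves reads only, so these write rules do no work and only widen the broker's allowlist. The Podfile.lock context entry just above also uses the raw origin, so this probably follows an existing pattern rather than starting one. I would keep only the four `${GITHUB_API}` rules under `/repos/:name/:repo/contents/` for go.mod and go.sum and drop the raw-host PUT entries; the same applies to the PUT hunk at `@@ -987,6 +1051,54 @@` in the github-enterprise template.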
@@ -233,6 +233,22 @@
 {
 "path": "commits.*.modified.*",
 "value": "Podfile.lock"
+ },
+ {
+ "path": "commits.*.added.*",
+ "value": "go.mod"
+ },
+ {
+ "path": "commits.*.modified.*",
+ "value": "go.mod"
+ },
+ {
+ "path": "commits.*.added.*",
+ "value": "go.sum"
+ },
+ {
+ "path": "commits.*.modified.*",
+ "value": "go.sum"
 }
 ]
 },
@@ -675,6 +691,54 @@
 "path": "/repos/:name/:repo/contents/:path*%2FPodfile.lock",
 "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
 },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/:name/:repo/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
 {
 "//": "used to update manifest or lock",
 "method": "PUT",
@@ -987,6 +1051,54 @@
 "path": "/repos/:name/:repo/contents/:path*%2FPodfile.lock",
 "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
 },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*/go.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*%2Fgo.mod",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/repos/:name/:repo/contents/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_API}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*/go.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
+ {
+ "//": "used to update manifest or lock",
+ "method": "PUT",
+ "path": "/:name/:repo/:path*%2Fgo.sum",
+ "origin": "https://${GITHUB_TOKEN}@${GITHUB_RAW}"
+ },
 {
 "//": "used to write or update ignore rules or existing patches",
 "method": "PUT",
diff --git a/client-templates/gitlab/accept.json.sample b/client-templates/gitlab/accept.json.sample
index 461d95657..60818c0c7 100644
--- a/client-templates/gitlab/accept.json.sample
+++ b/client-templates/gitlab/accept.json.sample
@@ -374,6 +374,30 @@
 "path": "/api/v4/projects/:project/repository/files*%2FPodfile.lock",
 "origin": "https://${GITLAB}"
 },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/api/v4/projects/:project/repository/files*/go.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/api/v4/projects/:project/repository/files*/go.sum",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to determine the full dependency tree",
+ "method": "GET",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.sum",
+ "origin": "https://${GITLAB}"
+ },
 {
 "//": "used to scan Dockerfile",
 "method": "GET",
@@ -454,7 +478,11 @@
 "**/Podfile",
 "**%2FPodfile",
 "**/Podfile.lock",
- "**%2FPodfile.lock"
+ "**%2FPodfile.lock",
+ "**/go.mod",
+ "**%2Fgo.mod",
+ "**/go.sum",
+ "**%2Fgo.sum"
 ]
 }
 ]
@@ -772,6 +800,30 @@
 "path": "/api/v4/projects/:project/repository/files*%2FPodfile.lock",
 "origin": "https://${GITLAB}"
 },
+ {
+ "//": "used to create manifest file",
+ "method": "POST",
+ "path": "/api/v4/projects/:project/repository/files*/go.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to create manifest file",
+ "method": "POST",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to create manifest file",
+ "method": "POST",
+ "path": "/api/v4/projects/:project/repository/files*/go.sum",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to create manifest file",
+ "method": "POST",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.sum",
+ "origin": "https://${GITLAB}"
+ },
 {
 "//": "used to create ignore rules or patches",
 "method": "POST",
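Review bot: The `"//"` text on the four POST rules in the `@@ -772,6 +800,30 @@` hunk reads "used to create manifest file", but two of those rules cover go.sum, which records module checksums rather than declaring dependencies. These rules let the brokered service create that file in the repository, so the comment should name it, for example `"//": "used to create manifest or checksum file (go.mod / go.sum)"`. That lets an operator trimming the template for scan-only use see which entries grant write access to dependency integrity data. The PUT rules at `@@ -1155,6 +1211,30 @@` carry the same wording ("used to update manifest file") and would take the same change.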
@@ -838,7 +890,11 @@
 "**/Podfile",
 "**%2FPodfile",
 "**/Podfile.lock",
- "**%2FPodfile.lock"
+ "**%2FPodfile.lock",
+ "**/go.mod",
+ "**%2Fgo.mod",
+ "**/go.sum",
+ "**%2Fgo.sum"
 ]
 }
 ]
@@ -1155,6 +1211,30 @@
 "path": "/api/v4/projects/:project/repository/files*%2FPodfile.lock",
 "origin": "https://${GITLAB}"
 },
+ {
+ "//": "used to update manifest file",
+ "method": "PUT",
+ "path": "/api/v4/projects/:project/repository/files*/go.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to update manifest file",
+ "method": "PUT",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.mod",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to update manifest file",
+ "method": "PUT",
+ "path": "/api/v4/projects/:project/repository/files*/go.sum",
+ "origin": "https://${GITLAB}"
+ },
+ {
+ "//": "used to update manifest file",
+ "method": "PUT",
+ "path": "/api/v4/projects/:project/repository/files*%2Fgo.sum",
+ "origin": "https://${GITLAB}"
+ },
 {
 "//": "used to update ignore rules or existing patches",
 "method": "PUT",
@@ -1221,12 +1301,16 @@
 "**/Podfile",
 "**%2FPodfile",
 "**/Podfile.lock",
- "**%2FPodfile.lock"
+ "**%2FPodfile.lock",
+ "**/go.mod",
+ "**%2Fgo.mod",
+ "**/go.sum",
+ "**%2Fgo.sum"
 ]
 }
 ]
 },
-
+
 {
 "//": "allow webhooks to be added, to allow commits to be checked by Snyk. Rules for what is sent to Snyk are controlled in the `public` accept filters",
 "method": "POST",