Ensure no symlinks provided for expected files (!980) · Merge requests · Iron Bank / ironbank-pipeline

Kenneth Maguire requested to merge 533-ensure-path-no-symlinks into master Jul 26, 2022

Merge Request Description

Check expected files for symlinks and fail if one is found. Symlink checks are the first to run before any other lint checks, and prevent any other checks if a symlink is found.

Additional changes:

Add validate method to DsopProject
Move trufflehog after lint to prevent following symlinks

Merge Request BOE

Risk

low

Rollback Plan

Revert MR

Testing

Local testing performed successfully

Unit tests added

Staging tests:

https://code-ib-mario.staging.dso.mil/dsop/redhat/ubi/ubi8/-/jobs/31425 (expected failure)
https://code-ib-mario.staging.dso.mil/dsop/redhat/ubi/ubi8/-/pipelines/2393 (expected success and full master run)
https://code-ib-mario.staging.dso.mil/dsop/redhat/ubi/ubi8/-/pipelines/2388 (distroless template)
https://code-ib-mario.staging.dso.mil/dsop/canonical/ubuntu/ubuntu20/-/pipelines/2396 (ubuntu template)

Closes #533

Edited Jul 26, 2022 by Kenneth Maguire

Ensure no symlinks provided for expected files

Merge Request Description

Merge Request BOE

Risk

Rollback Plan

Testing

Merge request reports