Bug 1830363 - [4.3] Remove gosec from image registry operator tests
Summary: [4.3] Remove gosec from image registry operator tests
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Image Registry
Version: 4.2.z
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.3.z
Assignee: Adam Kaplan
QA Contact: Wenjing Zheng
Depends On: 1830361
Blocks: 1831088
TreeView+ depends on / blocked
Reported: 2020-05-01 18:08 UTC by Adam Kaplan
Modified: 2020-05-11 21:20 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of: 1830361
: 1831088 (view as bug list)
Last Closed: 2020-05-11 21:20:39 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Github openshift cluster-image-registry-operator pull 544 None closed Bug 1830363: removing verify-sec / gosec 2020-05-26 07:53:12 UTC
Red Hat Product Errata RHBA-2020:2006 None None None 2020-05-11 21:20:41 UTC

Description Adam Kaplan 2020-05-01 18:08:52 UTC
+++ This bug was initially created as a clone of Bug #1830361 +++

Description of problem:

gosec has proved to be a problematic tool for code analysis. It should not be used in merge-blocking jobs

Version-Release number of selected component (if applicable): 4.2.0

--- Additional comment from Adam Kaplan on 2020-05-01 18:08:25 UTC ---

Marking VERIFIED - we merged this before 4.4.0 feature freeze.


Comment 3 XiuJuan Wang 2020-05-06 07:11:07 UTC
@Adam I saw it's a issue to remove gosec tool for code analysis, could we verify this directly as bug #1830361?

Comment 6 errata-xmlrpc 2020-05-11 21:20:39 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.