diff options
-rw-r--r-- | exceptions/apex.yaml | 14 | ||||
-rw-r--r-- | exceptions/calipso.yaml | 1 | ||||
-rw-r--r-- | exceptions/compass4nfv.yaml | 50 | ||||
-rw-r--r-- | exceptions/dovetail.yaml | 3 | ||||
-rw-r--r-- | exceptions/releng.yaml | 2 | ||||
-rw-r--r-- | ignore_list.yaml | 18 |
6 files changed, 63 insertions, 25 deletions
diff --git a/exceptions/apex.yaml b/exceptions/apex.yaml index fdf875e..8405e4a 100644 --- a/exceptions/apex.yaml +++ b/exceptions/apex.yaml @@ -12,6 +12,7 @@ file_audits: file_names: - network_settings.py - deploy_settings.py + - PR_revision.log file_contents: - rpm-build wget libvirt - wget git gcc @@ -50,3 +51,16 @@ file_audits: - eval \"\$wrapper - nova.+nova_private_key - replace_private_key + - copr\.fedorainfracloud\.org\/coprs\/leifmadsen + - artifacts\.opnfv\.org\/apex\/dependencies + - private_key.decode\(\'utf\-8\'\) + - for line in private_key\.splitlines\(\) + - output_line.*private_key.*\\n\" + - add Greg Troxel\'s md5 buffer copy\/dup fix + - downloads\.onosproject\.org\/nightly\/ + - test_ops.*--root-password.*password + - import make_ssh_key + - priv\, pub \= make_ssh_key\(\) + - def test_make_ssh_key\(self\) + - github\.com\/6WIND + - issues\.apache\.org\/jira\/secure\/ diff --git a/exceptions/calipso.yaml b/exceptions/calipso.yaml index 6663e82..4282d34 100644 --- a/exceptions/calipso.yaml +++ b/exceptions/calipso.yaml @@ -112,3 +112,4 @@ file_audits: - RABBITMQ_PK_FILE_ATTR = 'private_key_file' - paramiko.RSAKey.from_private_key_file - if not self.ftp + - curl .*\$SCANS_URL diff --git a/exceptions/compass4nfv.yaml b/exceptions/compass4nfv.yaml index 56b548c..9c179d7 100644 --- a/exceptions/compass4nfv.yaml +++ b/exceptions/compass4nfv.yaml @@ -6,30 +6,50 @@ # of escaping YAML delimiters too (such as `:`) using double quotes "". binaries: - docs/release/installation/images/k8s.png: - - ea74fbfa486f2e5ec7afc36a0cccc0161420409fd84fec0b56af2db65c053c4a - docs/release/installation/images/architecture.png: - - b941339d32e26eddef5074f893ffe69b8c922bee074638ed5cf67b6b5b40d50e docs/release/installation/images/multi_nics.png: - - a9597f00a89874ea908d542d1dd6a7a125f2e0e0128d4714b7564e226ea789e8 + - 27b705de5bae75d09d3889b58bc105aac74b7bbb6bf0fedad4b4568b4e4b5e63 + docs/release/installation/images/architecture.png: + - fe2021a265b52d541870464fd4165c54684a0d99702480652cb1d4ff1063d63c + docs/release/installation/images/k8s.png: + - 1314e7914dd5fad06e45b5338fbb21e32b21489a58186198df6743102c2555bf docs/release/installation/images/single_nic.png: - - 2d0d900d84ee7258ebc27822fcfdab54ede33c64676def4b679e77d34912ff71 - docs/development/overview/images/compass_arch.png: - - 098f8470138c881c29c92ed89069e939336ccd6d0653826a319bc0a1224350c9 + - 84166285df9974f4c4e539fc011af3b11b7f0de8431b24a23ba420ac6ed6693c + docs/development/design/images/repo_features.png: + - 3e68381937aa317023d9a497ad4c0c44ec501f760dd78ee543bbc7f8c866d008 docs/development/design/images/Existed_roles.png: - - ce19bfbba632dce8d78762d035ea12d1b4ad7e39f6000c4ed9743976afca7b47 + - f44ce4d2bc354c7bd046f8b91367b30559fe66332b54804b0ce802ba682c7d3b docs/development/design/images/Moon.png: - - 9a9d40d9ffa4bcbf99140fa6678599298bda913329ef3b40ef34b0e62f848180 - docs/development/design/images/repo_features.png: - - ce345b0fd8583a792180521c7a8c1ff37574cc7ca693617d974632565720d89c + - cfeb37bb865a5b7414cc21beb5e74e192c00763c613ca48a9c21bde131195488 + docs/development/overview/images/compass_arch.png: + - e5a92b0aba418df4142e141d67473233950cbfb14b1d45c3e919ae2857700e19 file_audits: - file_names: [nullvalue] + file_names: + - kickstart_knife.rb + - preseed_knife.rb + - .*.pem + - .*.asc file_contents: - publicURL - server_password - username\,.password - - \'password\'\:.password - - \'password\'\:.\{ - metadata_secret - compass_user_password + - shell.* + - curl + - eval + - wget + - ftp + - telnet + - finger + - 0\.0\.0\.0 + - md+ + - (password|passwd)(.*:|.*=.*) + - \/tmp\/ + - ssh_key + - secret + - yaml.* + - sha.* + - git.* + - exec.* + - private_key diff --git a/exceptions/dovetail.yaml b/exceptions/dovetail.yaml index 12430cd..47ff086 100644 --- a/exceptions/dovetail.yaml +++ b/exceptions/dovetail.yaml @@ -53,4 +53,5 @@ binaries: file_audits: file_names: [nullvalue] - file_contents: [nullvalue] + file_contents: + - '\/var\/run\/docker\.sock\:\/tmp\/docker\.sock\:ro' diff --git a/exceptions/releng.yaml b/exceptions/releng.yaml index 2d6eb0a..00a35f5 100644 --- a/exceptions/releng.yaml +++ b/exceptions/releng.yaml @@ -290,7 +290,7 @@ file_audits: - bifrost_ssh_private_key - cacheValues - elif type wget >/dev/null - - eval \$(cat /\$WORKSPACE/installer_track.txt) + - eval \$\(cat /\$WORKSPACE/installer_track.txt\) - eval_collection - eval_db - evaluate diff --git a/ignore_list.yaml b/ignore_list.yaml index c059eb6..b0a1e39 100644 --- a/ignore_list.yaml +++ b/ignore_list.yaml @@ -6,12 +6,14 @@ file_audits: file_names: [nullvalue] file_contents: - ^# - - \bwget\s+\\ - - \bcurl\s+\\ - - git clone.+\.openstack\.org - - git clone.+gerrit\.opnfv\.org - - wget.+build\.opnfv\.org - - wget.+artifacts\.opnfv\.org - - wget.+git\.opnfv.org - - wget.+git\.openstack.org + - git clone.+\.openstack\.org\/.* + - git clone.+gerrit\.opnfv\.org\/.* - git clone.+https:\/\/git.opendaylight\.org\/gerrit\/ + - wget.+build\.opnfv\.org\/.* + - wget.+artifacts\.opnfv\.org\/.* + - wget.+git\.opnfv.org\/.* + - wget.+git\.openstack.org\/.* + - curl.+build\.opnfv\.org\/.* + - curl.+artifacts\.opnfv\.org\/.* + - curl.+git\.opnfv.org\/.* + - curl.+git\.openstack.org\/.* |