From a4404ce1ff5015ebd0d21659cdf9d3d74831d1f9 Mon Sep 17 00:00:00 2001 From: Sai Shanmukha Narumanchi Date: Thu, 19 Sep 2024 21:27:50 -0500 Subject: [PATCH] Change the image_url to handle one or more spaces in the allowed_base_images.txt (#199) --- .../workflows/get_layer_info_for_nf_imgs.yml | 2 +- .secrets.baseline | 321 ++++-------------- 2 files changed, 66 insertions(+), 257 deletions(-) diff --git a/.github/workflows/get_layer_info_for_nf_imgs.yml b/.github/workflows/get_layer_info_for_nf_imgs.yml index 70ac9914..62bdcbce 100644 --- a/.github/workflows/get_layer_info_for_nf_imgs.yml +++ b/.github/workflows/get_layer_info_for_nf_imgs.yml @@ -65,7 +65,7 @@ jobs: # Strip the first * if a line starts with * if [[ "$image_url" == \** ]]; then echo "Line_$LINENO: Stripping * from this line -- $image_url" - image_url="${image_url:1}" + image_url="${image_url}" | sed -E 's/\*(.+)/\1/g' | sed 's/^[ \t]*//;s/[ \t]*$//' fi echo "Line $LINENO: started reading lines from script" manifest_url=$(echo "${image_url}" | sed 's|public\.ecr\.aws/\(.*\):\(.*\)|https://public.ecr.aws/v2/\1/manifests/\2|') diff --git a/.secrets.baseline b/.secrets.baseline index 62068b2b..75a9fcd8 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -1,19 +1,11 @@ { - "exclude": { - "files": null, - "lines": null - }, - "generated_at": "2024-06-17T22:02:51Z", - + "generated_at": "2024-09-19T21:59:08Z", "plugins_used": [ - { - "name": "ArtifactoryDetector" - }, { "name": "AWSKeyDetector" }, { - "name": "AzureStorageKeyDetector" + "name": "ArtifactoryDetector" }, { "name": "Base64HighEntropyString", @@ -25,15 +17,9 @@ { "name": "CloudantDetector" }, - { - "name": "DiscordBotTokenDetector" - }, - { - "name": "GitHubTokenDetector" - }, { "name": "HexHighEntropyString", - "limit": 3.0 + "limit": 3 }, { "name": "IbmCloudIamDetector" @@ -45,30 +31,21 @@ "name": "JwtTokenDetector" }, { - "name": "KeywordDetector", - "keyword_exclude": "" + "keyword_exclude": null, + "name": "KeywordDetector" }, { "name": "MailchimpDetector" }, - { - "name": "NpmDetector" - }, { "name": "PrivateKeyDetector" }, - { - "name": "SendGridDetector" - }, { "name": "SlackDetector" }, { "name": "SoftlayerDetector" }, - { - "name": "SquareOAuthDetector" - }, { "name": "StripeDetector" }, @@ -76,109 +53,14 @@ "name": "TwilioKeyDetector" } ], - "filters_used": [ - { - "path": "detect_secrets.filters.allowlist.is_line_allowlisted" - }, - { - "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", - "min_level": 2 - }, - { - "path": "detect_secrets.filters.heuristic.is_indirect_reference" - }, - { - "path": "detect_secrets.filters.heuristic.is_likely_id_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_lock_file" - }, - { - "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_potential_uuid" - }, - { - "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign" - }, - { - "path": "detect_secrets.filters.heuristic.is_sequential_string" - }, - { - "path": "detect_secrets.filters.heuristic.is_swagger_file" - }, - { - "path": "detect_secrets.filters.heuristic.is_templated_secret" - } - ], "results": { ".github/workflows/build_and_push_nf_base_images.yml": [ - { - "hashed_secret": "8ca221cf185226c33b30e6b150183acb037eff56", - "is_verified": false, - "line_number": 76, - "type": "Base64 High Entropy String" - } - ], - "BRH-notebooks/combined_demos/BDCat_Biolincc_Framingham_study_exploration.ipynb": [ - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_CT_Scan_Demo.ipynb", - "hashed_secret": "500b58a549dff0560e74a33651cc31b68302b0fd", - "is_verified": false, - "line_number": 263 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_CT_Scan_Demo.ipynb", - "hashed_secret": "e39785f4bcfb4485e9ca233c40bdfb017735a2e8", - "is_verified": false, - "line_number": 385 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_CT_Scan_Demo.ipynb", - "hashed_secret": "553adf007b4bc9b6661ac95376d33aa5408d0b6e", - "is_verified": false, - "line_number": 407 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_CT_Scan_Demo.ipynb", - "hashed_secret": "489cc204b4d305cb05da8fe683e4cbe191a7c393", - "is_verified": false, - "line_number": 429 - } - ], - "BRH-notebooks/combined_demos/MIDRC_Clinical_Data.ipynb": [ - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_Clinical_Data.ipynb", - "hashed_secret": "d1fa04323f7f3c8fea4c36cbd9c177ec75e1a1e1", - "is_verified": false, - "line_number": 364 - }, { "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_Clinical_Data.ipynb", - "hashed_secret": "532a38de55533f9294eedc9e32616fa2851c2b46", - "is_verified": false, - "line_number": 418 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_Clinical_Data.ipynb", - "hashed_secret": "29337368ef4cee773f3f8b0f91a484c6d36df1a8", - "is_verified": false, - "line_number": 469 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/MIDRC_Clinical_Data.ipynb", - "hashed_secret": "e6094fb6fb550f9563177d993a1fc836c7af7537", + "filename": ".github/workflows/build_and_push_nf_base_images.yml", + "hashed_secret": "8ca221cf185226c33b30e6b150183acb037eff56", "is_verified": false, - "line_number": 518 + "line_number": 76 } ], "BRH-notebooks/combined_demos/OADC_CCLE_gene_expression_data_analysis.ipynb": [ @@ -211,38 +93,6 @@ "line_number": 468 } ], - "BRH-notebooks/combined_demos/PDC_clustergram.ipynb": [ - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/PDC_clustergram.ipynb", - "hashed_secret": "8736ec827f9de5169d3c84b3f057ca0165c9c4d5", - "is_verified": false, - "line_number": 442 - }, - { - "type": "Base64 High Entropy String", - "filename": "BRH-notebooks/combined_demos/PDC_clustergram.ipynb", - "hashed_secret": "c48a49cf5482053321c5e32743cf9239fbbbc049", - "is_verified": false, - "line_number": 491 - } - ], - "HEAL-notebooks/bacpac/BACPAC_Synthetic_Data_Analysis.ipynb": [ - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/bacpac/BACPAC_Synthetic_Data_Analysis.ipynb", - "hashed_secret": "7e6268d3d8f12d6bc39017524362b10f9982f383", - "is_verified": false, - "line_number": 390 - }, - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/bacpac/BACPAC_Synthetic_Data_Analysis.ipynb", - "hashed_secret": "d1a8bb8b7ae7bfdd73a0f546b1afe3cfd1e9340b", - "is_verified": false, - "line_number": 404 - } - ], "HEAL-notebooks/cdcdea/Opioid_Prevalence_And_Overdoses.ipynb": [ { "type": "Base64 High Entropy String", @@ -329,20 +179,6 @@ "hashed_secret": "c7ca176ddf69dc4d06a5f3035c9922e2fa1b0837", "is_verified": false, "line_number": 728 - }, - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/cdcwonder/Opioid_Overdose_Trajectories.ipynb", - "hashed_secret": "7e6268d3d8f12d6bc39017524362b10f9982f383", - "is_verified": false, - "line_number": 904 - }, - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/cdcwonder/Opioid_Overdose_Trajectories.ipynb", - "hashed_secret": "d1a8bb8b7ae7bfdd73a0f546b1afe3cfd1e9340b", - "is_verified": false, - "line_number": 918 } ], "HEAL-notebooks/combined_tutorials/JCOIN_Tracking_Opioid_Stigma.ipynb": [ @@ -425,20 +261,6 @@ "is_verified": false, "line_number": 724 }, - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/combined_tutorials/Opioid_Overdose_Trajectories.ipynb", - "hashed_secret": "7e6268d3d8f12d6bc39017524362b10f9982f383", - "is_verified": false, - "line_number": 900 - }, - { - "type": "Base64 High Entropy String", - "filename": "HEAL-notebooks/combined_tutorials/Opioid_Overdose_Trajectories.ipynb", - "hashed_secret": "d1a8bb8b7ae7bfdd73a0f546b1afe3cfd1e9340b", - "is_verified": false, - "line_number": 914 - }, { "type": "Base64 High Entropy String", "filename": "HEAL-notebooks/combined_tutorials/Opioid_Overdose_Trajectories.ipynb", @@ -581,62 +403,38 @@ ], "jupyter-geo/start.sh": [ { - "type": "Base64 High Entropy String", - "filename": "jupyter-jcoin/resources/JCOIN_Tracking_Opioid_Stigma.ipynb", - "hashed_secret": "b8aece89018b37b775d125047fa9b8e616f72a1e", + "type": "Secret Keyword", + "filename": "jupyter-geo/start.sh", + "hashed_secret": "f98370d81077aed0aa3500bfc8de3f3e1dac52f6", "is_verified": false, - "line_number": 1049 - }, + "line_number": 17 + } + ], + "jupyter-slim/jupyterslim.yaml": [ { - "type": "Base64 High Entropy String", - "filename": "jupyter-jcoin/resources/JCOIN_Tracking_Opioid_Stigma.ipynb", - "hashed_secret": "c0d2b606eddb01acc7627d0ece549c705f709376", + "type": "Secret Keyword", + "filename": "jupyter-slim/jupyterslim.yaml", + "hashed_secret": "9b5925ea817163740dfb287a9894e8ab3aba2c18", "is_verified": false, - "line_number": 1398 - }, + "line_number": 12 + } + ], + "vlmd-submission-tools/poetry.lock": [ { + "type": "Hex High Entropy String", + "filename": "vlmd-submission-tools/poetry.lock", "hashed_secret": "e1df343623dcc5d44e3a7da0e09ee4b0c980b52f", "is_verified": false, - "line_number": 1519, - "type": "Hex High Entropy String" + "line_number": 1519 } ], "vlmd-submission-tools/tests/test_common_utils.py": [ - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/tests/test_common_utils.py", - "hashed_secret": "42828dbcc6b96bdd2ba1fa58759f6a13d25c9670", - "is_verified": false, - "line_number": 16 - }, - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/tests/test_common_utils.py", - "hashed_secret": "4ed9409c478d335091fca530fe96e2274d6ce02d", - "is_verified": false, - "line_number": 17 - }, - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/tests/test_common_utils.py", - "hashed_secret": "37e94c31b6a756ba2afd2fe9a9765172cd79ac47", - "is_verified": false, - "line_number": 19 - }, - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/tests/test_common_utils.py", - "hashed_secret": "fcdc2e835b7d67dda7308d7f14be39e60d69e9b0", - "is_verified": false, - "line_number": 23 - }, { "type": "Secret Keyword", "filename": "vlmd-submission-tools/tests/test_common_utils.py", "hashed_secret": "8318df9ecda039deac9868adf1944a29a95c7114", "is_verified": false, - "line_number": 102, - "type": "Secret Keyword" + "line_number": 102 } ], "vlmd-submission-tools/tests/test_subcommand_get_dictionary_url.py": [ @@ -645,7 +443,7 @@ "filename": "vlmd-submission-tools/tests/test_subcommand_get_dictionary_url.py", "hashed_secret": "8318df9ecda039deac9868adf1944a29a95c7114", "is_verified": false, - "line_number": 55 + "line_number": 151 } ], "vlmd-submission-tools/tests/test_subcommand_upload_dictionary_to_mds.py": [ @@ -654,34 +452,45 @@ "filename": "vlmd-submission-tools/tests/test_subcommand_upload_dictionary_to_mds.py", "hashed_secret": "8318df9ecda039deac9868adf1944a29a95c7114", "is_verified": false, - "line_number": 47 - } - ], - "vlmd-submission-tools/vlmd_submission_tools/common/config.py": [ - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/vlmd_submission_tools/common/config.py", - "hashed_secret": "df154378cdb95ea47c440a1f676d2e73f6f4b245", - "is_verified": false, - "line_number": 8 - }, - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/vlmd_submission_tools/common/config.py", - "hashed_secret": "4ed9409c478d335091fca530fe96e2274d6ce02d", - "is_verified": false, - "line_number": 9 - }, - { - "type": "Secret Keyword", - "filename": "vlmd-submission-tools/vlmd_submission_tools/common/config.py", - "hashed_secret": "8318df9ecda039deac9868adf1944a29a95c7114", - "is_verified": false, - "line_number": 163, - "type": "Secret Keyword" - + "line_number": 163 } ] }, - "generated_at": "2024-01-30T21:08:48Z" + "version": "1.4.0", + "filters_used": [ + { + "path": "detect_secrets.filters.allowlist.is_line_allowlisted" + }, + { + "path": "detect_secrets.filters.heuristic.is_sequential_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_potential_uuid" + }, + { + "path": "detect_secrets.filters.heuristic.is_likely_id_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_templated_secret" + }, + { + "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign" + }, + { + "path": "detect_secrets.filters.heuristic.is_indirect_reference" + }, + { + "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", + "min_level": 2 + }, + { + "path": "detect_secrets.filters.heuristic.is_lock_file" + }, + { + "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_swagger_file" + } + ] }