PR check `Security Scan / scan (pull_request)` looks like it always fails on all PRs from the community

Open maxb opened this issue 2 years ago • 3 comments

e.g. #18510

maxb avatar Dec 21 '22 11:12 maxb

I think this is expected as you don't have clone access to the internal HCP scanning repo, but cc @mickael-hc and @mcollao-hc just in case.

It doesn't block merge though, so I wouldn't worry too much about it, but I do wonder if there's an easy way to run the scan internally and share the relevant results?

cipherboy avatar Dec 21 '22 13:12 cipherboy

Or at least, it could detect that it can't operate, and avoid placing a "failure" status on the PRs, which usually suggests a PR needs further work.

maxb avatar Dec 21 '22 13:12 maxb

It's due to GitHub not sharing repo secrets with community PRs. I'll look into adding some logic to silently pass until we can open source the project.

mcollao-hc avatar Dec 21 '22 15:12 mcollao-hc

Would you be able to also look at `Project triage / Add issue or PR to projects`, which also seems to be failing on all community PRs for the same reason?

maxb avatar Dec 28 '22 14:12 maxb

Addressed in https://github.com/hashicorp/vault/pull/22351 - this now skips this job on community PRs.

VioletHynes avatar Aug 16 '23 13:08 VioletHynes
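
A workflow guard of the kind discussed in this thread, as an added example that is not part of the original comments, not the hashicorp/vault workflow, and not the change made in the linked PR. The secret name `SCANNER_TOKEN` and the script path are hypothetical.

```yaml
# Added example. Job, step, secret and script names are hypothetical.
name: Security Scan
on:
  pull_request:

permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    # Workflows triggered by pull_request from a fork run without repository
    # secrets. Skip the whole job for those PRs so the check shows as
    # skipped rather than failed.
    if: github.event.pull_request.head.repo.full_name == github.repository
    steps:
      - uses: actions/checkout@v4

      # Second guard: detect that the scanner cannot operate (empty secret)
      # and record that, instead of letting the scan step fail.
      - name: Check scanner credentials
        id: creds
        env:
          SCANNER_TOKEN: ${{ secrets.SCANNER_TOKEN }}  # hypothetical secret
        run: |
          if [ -n "$SCANNER_TOKEN" ]; then
            echo "available=true" >> "$GITHUB_OUTPUT"
          else
            echo "available=false" >> "$GITHUB_OUTPUT"
            echo "::notice::Scanner credentials unavailable; scan skipped."
          fi

      - name: Run scan
        if: steps.creds.outputs.available == 'true'
        env:
          SCANNER_TOKEN: ${{ secrets.SCANNER_TOKEN }}
        run: ./scripts/run-security-scan.sh  # hypothetical script path
```

Keeping the trigger as `pull_request` rather than `pull_request_target` means fork code never runs with access to the secret; the trade-off is that community PRs are not scanned until a maintainer runs the scan from a branch inside the repository.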