minder
Software Supply Chain Security Platform
### Describe the issue Tests using `createRandomOrganization` occasionally run into a key violation due to [this line](https://github.com/stacklok/minder/blob/main/internal/db/organizations_test.go#L37) creating identical names when lower-cased. ``` ❌ TestCreateProfileStatusMultiRuleTransitions/0x87 (30ms) profiles_test.go:2802: Error Trace: /Users/michelangelo/stacklok/minder/internal/db/organizations_test.go:42...
We have documentation on User and Policy Management, but we don't have documentation on managing Providers. Currently, we have: * Enroll a new provider * Difference between OAuth/PAT and GitHub...
GitHub fine-grained tokens, including the tokens generated by GitHub Apps, do not have access to list all the containers associated with a repository. In Minder's implementation of the...
To handle cases such as: - a user adds a github app provider and wants the provider to be configured to auto-register new repositories - a user adds an OCI...
At the moment minder uses the same salt to encrypt all the data we store in our db. We should switch to using a salt per encryption operation.
To complement the auto-registration we'll have to implement some very basic routing. Not a full-blown grammar, just to ignore private repos, ignore forks and ignore by name/wildcard. See the...
There are several use-cases that we need to test related to repository auto-enrollment: - a repository is moved from one org to another, both are registered in the same project...
When we add potentially long-running tasks such as auto-registering many repositories we need to report on their status: - how many repositories were already tried - which were registered -...
In issue #3268 we describe an RPC to tell the provider to sync its entity list. We should extend reminder to periodically call this RPC to account for lost webhook...
Right now every repository registration also triggers evaluation of all the profiles defined in that project. With auto-registration, this can starve the tokens very fast. We should develop a mechanism...