Skip to content

Commit

Permalink
Enable the "gosec" linter for CI, and fix the one issue in our code.
Browse files Browse the repository at this point in the history 
The "issue" is actually a false positive, so it is fixed by adding an annotation.
  • Loading branch information
@dlorenc @tekton-robot
dlorenc authored and tekton-robot committed Sep 26, 2019
1 parent 40e340f commit 4fc6231
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 0 deletions.
1 change: 1 addition & 0 deletions .golangci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,4 @@ linters:
- errcheck
- gofmt
- goimports
- gosec
3 changes: 3 additions & 0 deletions pkg/apis/pipeline/v1alpha1/artifact_bucket.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,9 @@ const (
ArtifactStoragePVCType = "pvc"
)

// For some reason gosec thinks this string has enough entropy to be a potential secret.
// The nosec comment disables it for this line.
/* #nosec */
var secretVolumeMountPath = "/var/bucketsecret"

// ArtifactBucket contains the Storage bucket configuration defined in the
Expand Down

0 comments on commit 4fc6231

Please sign in to comment.