Merge pull request #6 from spectrocloud/git-leaks

fix: added maxgoproxs
spectrocloud · Feb 24, 2023 · bf2ab0d · bf2ab0d
2 parents 19ab1aa + 4053d7c
commit bf2ab0d
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 2 deletions.
diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/gitleaks.yaml
@@ -0,0 +1,38 @@
+name: GitLeaks
+on: [pull_request]
+
+concurrency:
+  group: gitleaks-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  gitleaks-scan:
+    runs-on: ubuntu-latest
+    container:
+      image: gcr.io/spectro-common-dev/fayasa/bulwark:latest
+      env:
+        REPO: ${{ github.event.repository.name }}
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      credentials:
+        username: _json_key
+        password: ${{ secrets.GCR_SPCD_JSON_KEY }}
+    steps:
+
+      - name: run-bulwark-gitleaks-scan
+        shell: sh
+        env:
+          BRANCH: ${{ github.head_ref || github.ref_name }}
+        run: /workspace/bulwark -name CodeSASTGitLeaks -target $REPO -tags "branch:$BRANCH,options:--log-opts origin..HEAD"
+
+      - name: check-result
+        shell: sh
+        run: |
+          resultPath=./$REPO/gitleaks.json
+          cat $resultPath | grep -v \"Match\"\: | grep -v \"Secret\"\:
+          total_failed_tests=`cat $resultPath | grep \"Fingerprint\"\: | wc -l`
+          if [ "$total_failed_tests" -gt 0 ]; then
+            echo "GitLeaks validation check failed with above findings..."
+            exit 1
+          else 
+            echo "GitLeaks validation check passed"
+          fi
diff --git a/README.md b/README.md
@@ -20,8 +20,8 @@ A Postman collection is available to help you explore the API. Review the [Postm
 The quickest method to start the API server locally is by using the Docker image. 
 
 ```shell
-docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.6
-docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.6
+docker pull ghcr.io/spectrocloud/hello-universe-api:1.0.7
+docker run -p 3000:3000 ghcr.io/spectrocloud/hello-universe-api:1.0.7
 ```
 
 To start the API server you must have connectivity to a postgres instance. Use [environment variables](#environment-variables) to customize the API server start parameters.

diff --git a/go.mod b/go.mod
@@ -7,6 +7,7 @@ require (
 	github.com/lib/pq v1.10.7
 	github.com/mileusna/useragent v1.2.1
 	github.com/rs/zerolog v1.28.0
+	go.uber.org/automaxprocs v1.5.1
 )
 
 require (

diff --git a/go.sum b/go.sum
@@ -19,6 +19,8 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
 github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY=
 github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
+go.uber.org/automaxprocs v1.5.1 h1:e1YG66Lrk73dn4qhg8WFSvhF0JuFQF0ERIp4rpuV8Qk=
+go.uber.org/automaxprocs v1.5.1/go.mod h1:BF4eumQw0P9GtnuxxovUd06vwm1o18oMzFtK66vU6XU=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6 h1:foEbQz/B0Oz6YIqu/69kfXPYeFQAuuMYFkjaqXzl5Wo=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/main.go b/main.go
@@ -13,6 +13,7 @@ import (
 	"github.com/jmoiron/sqlx"
 	_ "github.com/lib/pq"
 
+	_ "go.uber.org/automaxprocs"
 	"spectrocloud.com/hello-universe-api/endpoints"
 	"spectrocloud.com/hello-universe-api/internal"
 )