pr-fix: correct failures

arcus-azure · Jan 14, 2025 · 6f0d840 · 6f0d840
1 parent 105002e
commit 6f0d840
Show file tree

Hide file tree

Showing 4 changed files with 86 additions and 80 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -13,10 +13,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ main ]
+    branches: [main]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [ main ]
+    branches: [main]
   schedule:
     - cron: '43 10 * * 5'
 
@@ -27,44 +27,45 @@ jobs:
     permissions:
       actions: read
       contents: read
+      #checkov:skip=CKV2_GHA_1: requires write access to the repository.
       security-events: write
 
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'csharp' ]
+        language: ['csharp']
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+      - name: Checkout repository
+        uses: actions/checkout@v4
+  
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+  
+      # Auto build attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Auto build
+        uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+  
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+  
+      # ✏️ If the Auto build fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+  
+      #- run: |
+      #   make bootstrap
+      #   make release
+  
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -1,51 +1,53 @@
 ---
-  # MegaLinter GitHub Action configuration file
-  # More info at https://megalinter.io
-  name: MegaLinter
+# MegaLinter GitHub Action configuration file
+# More info at https://megalinter.io
+name: MegaLinter
 
-  on:
-    # Trigger mega-linter at every push. Action will also be visible from Pull Requests to main
-    push: # Comment this line to trigger action only on pull-requests (not recommended if you don't pay for GH Actions)
-    pull_request:
-      branches: [main]
+on:
+  # Trigger mega-linter at every push. Action will also be visible from Pull Requests to main
+  push: # Comment this line to trigger action only on pull-requests (not recommended if you don't pay for GH Actions)
+  pull_request:
+    branches: [main]
 
-  concurrency:
-    group: ${{ github.ref }}-${{ github.workflow }}
-    cancel-in-progress: true
+concurrency:
+  group: ${{ github.ref }}-${{ github.workflow }}
+  cancel-in-progress: true
 
-  jobs:
-    megalinter:
-      name: MegaLinter
-      runs-on: ubuntu-latest
-      permissions: write-all
-      steps:
-        # Git Checkout
-        - name: Checkout Code
-          uses: actions/checkout@v4
-          with:
-            token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
-            fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances
+jobs:
+  megalinter:
+    name: MegaLinter
+    runs-on: ubuntu-latest
+    #checkov:skip=CKV2_GHA_1: requires write access to the repository.
+    permissions: write-all
 
-        # MegaLinter
-        - name: MegaLinter
-          id: ml
-          # You can override MegaLinter flavor used to have faster performances
-          # More info at https://megalinter.io/latest/flavors/
-          uses: oxsecurity/megalinter@1fc052d03c7a43c78fe0fee19c9d648b749e0c01 #v8.3.0
-          env:
-            # All available variables are described in documentation
-            # https://megalinter.io/latest/configuration/
-            VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
-            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-            # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
-            DISABLE: REPOSITORY_CHECKOV # Uncomment to disable copy-paste and spell checks
-
-        # Upload MegaLinter artifacts
-        - name: Archive production artifacts
-          if: success() || failure()
-          uses: actions/upload-artifact@v4
-          with:
-            name: MegaLinter reports
-            path: |
-              megalinter-reports
-              mega-linter.log
+    steps:
+      # Git Checkout
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
+          fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances
+
+      # MegaLinter
+      - name: MegaLinter
+        id: ml
+        # You can override MegaLinter flavor used to have faster performances
+        # More info at https://megalinter.io/latest/flavors/
+        uses: oxsecurity/megalinter@1fc052d03c7a43c78fe0fee19c9d648b749e0c01 #v8.3.0
+        env:
+          # All available variables are described in documentation
+          # https://megalinter.io/latest/configuration/
+          VALIDATE_ALL_CODEBASE: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} # Validates all source when push on main, else just the git diff with main. Override with true if you always want to lint all sources
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # ADD YOUR CUSTOM ENV VARIABLES HERE OR DEFINE THEM IN A FILE .mega-linter.yml AT THE ROOT OF YOUR REPOSITORY
+          DISABLE: REPOSITORY_CHECKOV # Uncomment to disable copy-paste and spell checks
+
+      # Upload MegaLinter artifacts
+      - name: Archive production artifacts
+        if: success() || failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: MegaLinter reports
+          path: |
+            megalinter-reports
+            mega-linter.log
diff --git a/build/variables/test.yml b/build/variables/test.yml
@@ -9,4 +9,5 @@ variables:
 
   Arcus.Testing.KeyVault.Name: 'arcus-testing-kv'
   Arcus.Testing.StorageAccount.Name: 'arcustestingstorage'
+  #checkov:skip=CKV_SECRET_6: checkov incorrectly sees this secret name as a hard-coded secret.
   Arcus.Testing.StorageAccount.Key.SecretName: 'Arcus-Testing-StorageAccount-Key'
diff --git a/src/Arcus.Testing.Logging.Core/Arcus.Testing.Logging.Core.csproj b/src/Arcus.Testing.Logging.Core/Arcus.Testing.Logging.Core.csproj
@@ -16,8 +16,10 @@
   <ItemGroup>
     <PackageReference Include="Microsoft.Extensions.Logging" Version="[8.0.0,10.0.0)" />
 
+    <!-- devskim: ignore next-line -->
     <!-- TODO: Serilog will be removed in v2.0 -->
     <PackageReference Include="Serilog" Version="2.10.0" />
+    <!-- devskim: ignore next-line -->
     <!-- TODO: Serilog will be removed in v2.0-->
   </ItemGroup>