Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add fallback DNS #414

Merged
merged 3 commits into from
Jun 15, 2023
Merged

Add fallback DNS #414

merged 3 commits into from
Jun 15, 2023

Conversation

varunsh-coder
Copy link
Member

No description provided.

step-security-bot
step-security-bot reviewed Jun 15, 2023
View reviewed changes
Copy link
Contributor

@step-security-bot step-security-bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please find StepSecurity AI-CodeWise code comments inline or below.

dnsproxy_test.go

Please refer to 1 inline comments.

.github/workflows/int.yml

Please refer to 1 inline comments.

Feedback

We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find a comment helpful, give it a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create n GitHub issue in StepSecurity/AI-CodeWise.

dnsproxy_test.go
@@ -24,10 +24,12 @@ func TestDNSProxy_getResponse(t *testing.T) {
auditCache := InitCache(EgressPolicyAudit)
blockCache := InitCache(EgressPolicyBlock)
rrDnsGoogle, _ := dns.NewRR("dns.google. IN A 8.8.8.8")
rrDnsCloudflare, _ := dns.NewRR("cloudflare-dns.com. IN A 1.1.1.1")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[High]Use constants or environment variables instead of hardcoding values in the code

The code contains hardcoded values that could be reused multiple times. Hardcoding values in the code can make it difficult to maintain the code and could lead to security issues. Use constants or environment variables to store the values. This will make it easy to modify the values if needed and it will make your code easy to read and maintain. Avoid storing sensitive information in environment variables

.github/workflows/int.yml
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-west-2
- run: aws s3 cp ./agent s3://step-security-agent/refs/heads/int/agent --acl public-read
- name: Integration test
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[Low]Add Dockerfile to the repo and use it in the integration test step

Instead of using a docker image directly from GitHub, we can use a Dockerfile in the repo. This would give greater control over the image. Add a Dockerfile to create image for ghcr.io/step-security/integration-test/int:latest and use that Dockerfile in the integration test step.

@varunsh-coder varunsh-coder merged commit 2a612fe into main Jun 15, 2023
6 checks passed
@varunsh-coder varunsh-coder deleted the add-fallback-dns branch June 15, 2023 17:07
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@step-security-bot step-security-bot step-security-bot left review comments

@ashishkurmi ashishkurmi ashishkurmi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@varunsh-coder @step-security-bot @ashishkurmi