Skip to content

Commit

Permalink
Remove debug check
Browse files Browse the repository at this point in the history
  • Loading branch information
@miz060
miz060 committed Feb 21, 2025
1 parent e1ef7a3 commit 3a3ac3e
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 20 deletions.
21 changes: 9 additions & 12 deletions .github/workflows/binskim.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,7 @@ name: BinSkim Security Scan
on:
pull_request:
branches:
- msft-main # Adjust if needed
push:
branches:
- mitchzhu/clippy
- msft-main

jobs:
binskim:
Expand Down Expand Up @@ -73,7 +70,7 @@ jobs:
echo "Error: kata-agent binary not found!"
exit 1
fi
binskim analyze "$KATA_AGENT_PATH" --level Error --kind "Pass;Fail" > binskim_agent
binskim analyze "$KATA_AGENT_PATH" --level Error --kind "Pass;Fail" > binskim_result_agent

#- name: Scan runtime binary
Expand All @@ -83,7 +80,7 @@ jobs:
# echo "Error: kata-runtime binary not found!"
# exit 1
# fi
# binskim analyze "$KATA_RUNTIME_PATH" --level Error --kind "Pass;Fail" > binskim_runtime
# binskim analyze "$KATA_RUNTIME_PATH" --level Error --kind "Pass;Fail" > binskim_result_runtime

- name: Scan tardev-snapshotter binary
run: |
Expand All @@ -92,7 +89,7 @@ jobs:
echo "Error: tardev-snapshotter binary not found!"
exit 1
fi
binskim analyze "$TARDEV_SNAPSHOTTER_PATH" --level Error --kind "Pass;Fail" > binskim_tardev
binskim analyze "$TARDEV_SNAPSHOTTER_PATH" --level Error --kind "Pass;Fail" > binskim_result_tardev
- name: Scan overlay binary
run: |
Expand All @@ -101,23 +98,23 @@ jobs:
echo "Error: kata-overlay binary not found!"
exit
fi
binskim analyze "$OVERLAY_PATH" --level Error --kind "Pass;Fail" > binskim_overlay
binskim analyze "$OVERLAY_PATH" --level Error --kind "Pass;Fail" > binskim_result_overlay
# Validate BinSkim result
- name: Validate BinSkim result
run: |
for file in binskim_agent binskim_tardev binskim_overlay; do
for file in binskim_result_agent binskim_result_tardev binskim_result_overlay; do
if [ ! -f "$file" ]; then
echo "Error: $file was not generated."
exit 1
fi
echo "Scanning Binary: ${file}"
echo "Validating: ${file}"
cat "$file"
if grep -qi "fail" "$file"; then
echo "Error: Failures detected in $file."
echo "Error: Failures detected in $file."
exit 1
fi
echo "--------------------------- End-------------------------"
done
echo "All BinSkim results are passing with no failures."
echo "All BinSkim results are passing with no failures."
5 changes: 1 addition & 4 deletions .github/workflows/clippy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,7 @@ name: Rust Clippy Check
on:
pull_request:
branches:
- msft-main # Adjust if needed
push:
branches:
- mitchzhu/clippy # Run the workflow when pushing to this branch
- msft-main

jobs:
clippy:
Expand Down
5 changes: 1 addition & 4 deletions .github/workflows/nancy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,7 @@ name: Go Dependency Security Check (Nancy)
on:
pull_request:
branches:
- msft-main # Adjust if needed
push:
branches:
- mitchzhu/clippy
- msft-main

jobs:
nancy:
Expand Down

0 comments on commit 3a3ac3e

Please sign in to comment.