jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 11:54:18 -05:00
Code Issues Projects Releases Wiki Activity
Files
840fb65b2ac5e26919a7b792df9c88879809edab
docs/tests/helpers/schemas/secret-scanning-schema.js
Sarah Schneider 5ee7bfe4ac Secret scanning structured data (#33117) 
Co-authored-by: Rachael Sewell <rachmari@github.com>
2023-03-03 18:20:50 +00:00

89 lines
2.5 KiB
JavaScript
Raw Blame History

import { schema } from '../../../lib/frontmatter.js'
// Secret scanning entries have `versions` blocks that match `versions` frontmatter,
// so we can import that part of the FM schema.
const versionsProps = Object.assign({}, schema.properties.versions)
// Tweak the imported versions schema so it works with AJV.
// *** TODO: We can drop the following once the frontmatter.js schema has been updated to work with AJV. ***
const properties = {}
Object.keys(versionsProps.properties).forEach((key) => {
const value = Object.assign({}, versionsProps.properties[key])
// AJV supports errorMessage, not message.
value.errorMessage = value.message
delete value.message
// AJV doesn't support conform, so we'll add semver validation in the lint-secret-scanning-data test.
if (value.conform) {
value.format = 'semver'
delete value.conform
}
properties[key] = value
})
versionsProps.properties = properties
delete versionsProps.required
// *** End TODO ***
// The secret-scanning.json contains an array of objects that look like this:
// {
// "provider": "Azure",
// "supportedSecret": "Azure SQL Connection String",
// "secretType": "azure_sql_connection_string",
// "versions": {
// "fpt": "*",
// "ghec": "*",
// "ghes": "*",
// "ghae": "<3.4"
// },
// "isPublic": true,
// "isPrivateWithGhas": true,
// "hasPushProtection": false
// },
export default {
type: 'array',
items: {
type: 'object',
additionalProperties: false,
required: [
'provider',
'supportedSecret',
// 'secretType', // TODO: Once the secretTypes are fully populated in the JSON, make this required.
'versions',
'isPublic',
'isPrivateWithGhas',
'hasPushProtection',
],
properties: {
provider: {
description: 'the name of the provider',
type: 'string',
},
supportedSecret: {
description: 'the name of the secret',
type: 'string',
},
secretType: {
description: 'the secret type',
type: 'string',
pattern: '[A-Za-z0-9_-]',
},
versions: versionsProps,
isPublic: {
description: 'whether the secret is publicly available',
type: 'boolean',
},
isPrivateWithGhas: {
description: 'whether the secret is available in GHAS',
type: 'boolean',
},
hasPushProtection: {
description: 'whether the secret has push protection',
type: 'boolean',
},
},
},
}
Reference in New Issue View Git Blame Copy Permalink