[mgmt] credscan errors #25414

Closed
jeremymeng opened this issue Mar 30, 2023 · 0 comments
Labels
EngSys This issue is impacting the engineering system. Mgmt This issue is related to a management-plane library.

jeremymeng commented Mar 30, 2023

Aggregate-report result: https://dev.azure.com/azure-sdk/internal/_build/results?buildId=2666084&view=logs&j=3b141548-98d7-5be1-7ef8-eeb08ca02972&t=7989ab4d-bdd3-5239-37e1-e3681bbc7025 (MS INTERNAL)

Linkified result:

#[error]1. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples-dev/sourceControlCreateOrUpdateSample.ts#L39. Column 20.
A potential secret was detected in 'sourceControlCreateOrUpdateSample.ts':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]2. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples-dev/sourceControlUpdateSample.ts#L38. Column 20.
A potential secret was detected in 'sourceControlUpdateSample.ts':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]3. Credential Scanner Error CSCAN-GENERAL0020 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/security/arm-security/samples-dev/connectorsCreateOrUpdateSample.ts#L114. Column 9.
A potential secret was detected in 'connectorsCreateOrUpdateSample.ts':(CSCAN-GENERAL0020 X.509 Certificate Private Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]4. Credential Scanner Error CSCAN-GENERAL0120 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/apimanagement/arm-apimanagement/samples/v9/javascript/performConnectivityCheckAsyncSample.js#L30. Column 59.
A potential secret was detected in 'performConnectivityCheckAsyncSample.js':(CSCAN-GENERAL0120 Http Authorization Header) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]5. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples/v11-beta/javascript/sourceControlCreateOrUpdateSample.js#L34. Column 20.
A potential secret was detected in 'sourceControlCreateOrUpdateSample.js':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]6. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples/v11-beta/javascript/sourceControlUpdateSample.js#L33. Column 20.
A potential secret was detected in 'sourceControlUpdateSample.js':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]7. Credential Scanner Error CSCAN-GENERAL0120 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/containerregistry/arm-containerregistry/samples/v10/javascript/webhooksCreateSample.js#L30. Column 28.
A potential secret was detected in 'webhooksCreateSample.js':(CSCAN-GENERAL0120 Http Authorization Header) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]8. Credential Scanner Error CSCAN-GENERAL0120 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/containerregistry/arm-containerregistry/samples/v10/javascript/webhooksUpdateSample.js#L30. Column 28.
A potential secret was detected in 'recording_get_token.json':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]11. Credential Scanner Error CSCAN-GENERAL0020 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/security/arm-security/samples/v6-beta/javascript/connectorsCreateOrUpdateSample.js#L103. Column 9.
A potential secret was detected in 'connectorsCreateOrUpdateSample.js':(CSCAN-GENERAL0020 X.509 Certificate Private Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]12. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples/v11-beta/typescript/src/sourceControlCreateOrUpdateSample.ts#L39. Column 20.
A potential secret was detected in 'sourceControlCreateOrUpdateSample.ts':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]13. Credential Scanner Error CSCAN-GENERAL0130 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/automation/arm-automation/samples/v11-beta/typescript/src/sourceControlUpdateSample.ts#L38. Column 20.
A potential secret was detected in 'sourceControlUpdateSample.ts':(CSCAN-GENERAL0130 Client Secret / Api Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

#[error]14. Credential Scanner Error CSCAN-GENERAL0020 - File: https://github.com/Azure/azure-sdk-for-js/tree/6f4755cf7480d80968b91eb07405f8776d0cbe32/sdk/security/arm-security/samples/v6-beta/typescript/src/connectorsCreateOrUpdateSample.ts#L114. Column 9.
A potential secret was detected in 'connectorsCreateOrUpdateSample.ts':(CSCAN-GENERAL0020 X.509 Certificate Private Key) Validate file contains secrets, remove, roll credential, and use approved store. For additional information on secret remediation see https://aka.ms/credscan.

I assume all these are test-only and wonder whether the private key id and value can be read from env variables instead of being hard-coded. For other tokens, maybe one of the known placeholders from https://github.com/Azure/azure-sdk-for-js/blob/main/eng/CredScanSuppression.json#L5 could work.

jeremymeng added the EngSys and Mgmt labels Mar 30, 2023
qiaozha pushed a commit that referenced this issue Apr 4, 2023
github-actions bot locked and limited conversation to collaborators Jul 9, 2023