diff --git a/.github/actions/spelling/advice.md b/.github/actions/spelling/advice.md index c37267bc7..cea808b11 100644 --- a/.github/actions/spelling/advice.md +++ b/.github/actions/spelling/advice.md @@ -9,7 +9,7 @@ If items relate to a ... File paths are Perl 5 Regular Expressions - you can [test](https://www.regexplanet.com/advanced/perl/) yours before committing to verify it will match your files. - `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude [README.md](../tree/HEAD/README.md) (on whichever branch you're using). + `^` refers to the file's path from the root of the repository, so `^README\.md$` would exclude README.md (on whichever branch you're using). - well-formed pattern. diff --git a/.github/actions/spelling/expect.txt b/.github/actions/spelling/expect.txt index ce88ae2bc..0f365ff11 100644 --- a/.github/actions/spelling/expect.txt +++ b/.github/actions/spelling/expect.txt @@ -1,10 +1,8 @@ alices apiextensions APIV -base64data cainjection certmanager -CERTMANAGER clusterserviceversion crdkustomizecainjectionpatch crdkustomizeresource diff --git a/.github/actions/spelling/line_forbidden.patterns b/.github/actions/spelling/line_forbidden.patterns index 50b3698b8..c2946b21b 100644 --- a/.github/actions/spelling/line_forbidden.patterns +++ b/.github/actions/spelling/line_forbidden.patterns @@ -1,6 +1,17 @@ -# Detect common combinations of valid words that are in fact invalid. +# Detect common combinations of valid words that are in fact invalid. # Useful for brand capitalizations +# +# Our Terms +# + +# s.b. Mondoo Platform +\sMondoo platform\b + +# s.b. Compliance Hub +\scompliance hub\b +\sCompliance hubplatform\b + # # Industry Terms # @@ -36,6 +47,20 @@ # Product Names # +# s.b. Jira +\bJIRA\b + +# s.b. MariaDB +\bMaria DB\b +\bmariaDB\b +# \bmariaDb\b causes failures in MQL queries + +# s.b. PostgreSQL +\bPostgreSql\b + +# s.b. Firefox +\bFireFox\b + # s.b. CentOS \bCentos\b \bCent OS\b @@ -76,6 +101,7 @@ # s.b. Red Hat \bRedHat\b +\bRedhat\b # s.b. AlmaLinux \bAlma Linux\b @@ -88,11 +114,16 @@ # s.b. CircleCI \bCircleCi\b +\bCircle CI\b # s.b. AppArmor \bApparmor\b \bApp Armor\b +# s.b. SELinux +\bSeLinux\b +\bSelinux\b + # s.b. InSpec \b[Ii]nspec\b @@ -133,7 +164,7 @@ \bGroup Policy object\b # -# VMware Product +# VMware Products # # s.b. VMware @@ -144,6 +175,10 @@ \bVcenter\b \bVCenter\b +# s.b. vSphere +\bVsphere\b +\bVSphere\b + # s.b. ESXi \bEsxi\b @@ -177,10 +212,9 @@ \bCloudsearch\b # s.b. CloudShell +# we can't check for Cloud Shell since that's what Azure calls it \bCloudshell\b -\bCloud Shell\b -\bcloudshell\b -\bcloud shell\b +# cloudshell results in false positives # s.b. CloudTrail \bCloudtrail\b @@ -364,6 +398,9 @@ # Azure Products # +# s.b. Azure Pipelines +\bAzure DevOps Pipelines\b + # s.b. Key Vault \bKey vault\b \bKeyVault\b @@ -403,6 +440,8 @@ # s.b. Cosmos DB \bCosmosDB\b +\bCosmoDB\b +\bCosmo DB\b # s.b. SignalR Service \bSignalR service\b diff --git a/.github/actions/spelling/only.txt b/.github/actions/spelling/only.txt index 9114b1883..cfa27f7bc 100644 --- a/.github/actions/spelling/only.txt +++ b/.github/actions/spelling/only.txt @@ -1,3 +1 @@ \.md$ -\.yaml$ - diff --git a/.github/actions/spelling/patterns.txt b/.github/actions/spelling/patterns.txt index 05b116eba..008e6f192 100644 --- a/.github/actions/spelling/patterns.txt +++ b/.github/actions/spelling/patterns.txt @@ -74,3 +74,8 @@ uid:\s.*$ # mac user dir path \/Users\/\S* + +# AWS Token, ID access key, etc +aws_session_token\s+\=(\s+)?.+ +aws_access_key_id\s+\=(\s+)?.+ +aws_secret_access_key\s+\=(\s+)?.+ diff --git a/.github/actions/spelling/reject.txt b/.github/actions/spelling/reject.txt index b5a6d3680..0246d0f8a 100644 --- a/.github/actions/spelling/reject.txt +++ b/.github/actions/spelling/reject.txt @@ -1,3 +1,4 @@ +ad-hoc ^attache$ benefitting occurences? diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 291787045..67523eee8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,3 +1,4 @@ +--- version: 2 updates: - package-ecosystem: gomod @@ -11,7 +12,7 @@ updates: - dependency-name: k8s.io/apimachinery - dependency-name: k8s.io/client-go - dependency-name: k8s.io/api - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: github-actions + directory: / schedule: - interval: "weekly" \ No newline at end of file + interval: weekly \ No newline at end of file diff --git a/.github/workflows/spell-check.yaml b/.github/workflows/spell-check.yaml index 22c77fc64..276c3196b 100644 --- a/.github/workflows/spell-check.yaml +++ b/.github/workflows/spell-check.yaml @@ -23,12 +23,13 @@ jobs: steps: - name: check-spelling id: spelling - uses: check-spelling/check-spelling@v0.0.21 + uses: check-spelling/check-spelling@v0.0.22 with: + disable_checks: noisy-file suppress_push_for_open_pull_request: 1 checkout: true post_comment: 0 - dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20220816/dictionaries/"}' + dictionary_source_prefixes: '{"mondoo": "https://raw.githubusercontent.com/mondoohq/spellcheck-dictionary/main/", "cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20230509/dictionaries/"}' extra_dictionaries: cspell:aws/aws.txt cspell:filetypes/filetypes.txt @@ -47,7 +48,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup steps: - name: comment - uses: check-spelling/check-spelling@v0.0.21 + uses: check-spelling/check-spelling@v0.0.22 with: checkout: true task: ${{ needs.spelling.outputs.followup }} diff --git a/api/v1alpha2/mondoooperatorconfig_types.go b/api/v1alpha2/mondoooperatorconfig_types.go index fc7054ff2..3a031f376 100644 --- a/api/v1alpha2/mondoooperatorconfig_types.go +++ b/api/v1alpha2/mondoooperatorconfig_types.go @@ -26,7 +26,7 @@ type MondooOperatorConfigSpec struct { Metrics Metrics `json:"metrics,omitempty"` // Allows skipping Image resolution from upstream repository SkipContainerResolution bool `json:"skipContainerResolution,omitempty"` - // HttpProxy specifies a proxy to use for HTTP requests to the Mondoo platform. + // HttpProxy specifies a proxy to use for HTTP requests to the Mondoo Platform. HttpProxy *string `json:"httpProxy,omitempty"` } diff --git a/charts/mondoo-operator/templates/mondoooperatorconfig-crd.yaml b/charts/mondoo-operator/templates/mondoooperatorconfig-crd.yaml index 07ad78e29..c17c4e756 100644 --- a/charts/mondoo-operator/templates/mondoooperatorconfig-crd.yaml +++ b/charts/mondoo-operator/templates/mondoooperatorconfig-crd.yaml @@ -38,7 +38,7 @@ spec: properties: httpProxy: description: HttpProxy specifies a proxy to use for HTTP requests to - the Mondoo platform. + Mondoo Platform. type: string metrics: description: Metrics controls the enabling/disabling of metrics report diff --git a/config/crd/bases/k8s.mondoo.com_mondoooperatorconfigs.yaml b/config/crd/bases/k8s.mondoo.com_mondoooperatorconfigs.yaml index 855d0769d..a616473fe 100644 --- a/config/crd/bases/k8s.mondoo.com_mondoooperatorconfigs.yaml +++ b/config/crd/bases/k8s.mondoo.com_mondoooperatorconfigs.yaml @@ -41,7 +41,7 @@ spec: properties: httpProxy: description: HttpProxy specifies a proxy to use for HTTP requests - to the Mondoo platform. + to the Mondoo Platform. type: string metrics: description: Metrics controls the enabling/disabling of metrics report diff --git a/pkg/utils/mondoo/token_exchange.go b/pkg/utils/mondoo/token_exchange.go index a93d52352..ffa998c41 100644 --- a/pkg/utils/mondoo/token_exchange.go +++ b/pkg/utils/mondoo/token_exchange.go @@ -38,7 +38,7 @@ func CreateServiceAccountFromToken(ctx context.Context, kubeClient client.Client claims, ok := token.Claims.(jwt.MapClaims) if !ok { - err := fmt.Errorf("failed to type asesrt claims from token") + err := fmt.Errorf("failed to type assert claims from token") log.Error(err, "failed to extract claim") return err } diff --git a/pkg/utils/utils_test.go b/pkg/utils/utils_test.go index 9c436e20e..2d65b7841 100644 --- a/pkg/utils/utils_test.go +++ b/pkg/utils/utils_test.go @@ -24,13 +24,13 @@ func TestFiltering(t *testing.T) { expectedResult: true, }, { - name: "explictly excluded", + name: "explicitly excluded", input: "test-namespace", excludedList: []string{"test-namespace"}, expectedResult: false, }, { - name: "explictly included", + name: "explicitly included", input: "test-namespace", includedList: []string{"test-namespace"}, expectedResult: true, diff --git a/tests/framework/nexus/api/policy/policy.pb.go b/tests/framework/nexus/api/policy/policy.pb.go index 91396377f..e60b55d77 100644 --- a/tests/framework/nexus/api/policy/policy.pb.go +++ b/tests/framework/nexus/api/policy/policy.pb.go @@ -649,7 +649,7 @@ type Asset struct { Runtime string `protobuf:"bytes,38,opt,name=runtime,proto3" json:"runtime,omitempty"` // Asset FQDN, when present Fqdn string `protobuf:"bytes,39,opt,name=fqdn,proto3" json:"fqdn,omitempty"` - // ManagedBy for clients to "claim" responsbility for asset + // ManagedBy for clients to "claim" responsibility for asset ManagedBy string `protobuf:"bytes,40,opt,name=managed_by,json=managedBy,proto3" json:"managed_by,omitempty"` } diff --git a/tests/framework/nexus/api/policy/policy.proto b/tests/framework/nexus/api/policy/policy.proto index e79ecdd33..056f22b6a 100644 --- a/tests/framework/nexus/api/policy/policy.proto +++ b/tests/framework/nexus/api/policy/policy.proto @@ -131,7 +131,7 @@ message Asset { string runtime = 38; // Asset FQDN, when present string fqdn = 39; - // ManagedBy for clients to "claim" responsbility for asset + // ManagedBy for clients to "claim" responsibility for asset string managed_by = 40; }