kristianschneider commented 2 years ago

This implements healthcheck for live and SQL Db Meteringpoint created servicebus topic Meteringpoint created servicebus subscription Meteringpoint connected servicebus topic Meteringpoint connected servicebus subscription

gitguardian[bot] commented 2 years ago

⚠️ GitGuardian has uncovered 8 secrets following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secrets in your pull request

| GitGuardian id | Secret | Commit | Filename | | | -------------- | ------------------------- | ---------------- | --------------- | -------------------- | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30865954) | Microsoft Azure Storage Account Key | 54ec9f88f3958dda9bac0060f11706149cabba08 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/54ec9f88f3958dda9bac0060f11706149cabba08#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R5) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30865955) | Microsoft Azure Storage Account Key | 54ec9f88f3958dda9bac0060f11706149cabba08 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/54ec9f88f3958dda9bac0060f11706149cabba08#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R6) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30943140) | Microsoft Azure Storage Account Key | 431a61a4eb2e83ff14d47463e319cd8f891c3104 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/431a61a4eb2e83ff14d47463e319cd8f891c3104#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R5) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30943141) | Microsoft Azure Storage Account Key | 431a61a4eb2e83ff14d47463e319cd8f891c3104 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/431a61a4eb2e83ff14d47463e319cd8f891c3104#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R6) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30971492) | Microsoft Azure Storage Account Key | fd74ee75de8ba8db126bbc3ddf1beed61bdb3c04 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/fd74ee75de8ba8db126bbc3ddf1beed61bdb3c04#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R5) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=30971493) | Microsoft Azure Storage Account Key | fd74ee75de8ba8db126bbc3ddf1beed61bdb3c04 | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/fd74ee75de8ba8db126bbc3ddf1beed61bdb3c04#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3R6) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=32828835) | Microsoft Azure Storage Account Key | fd6b76b0dff5ba284792ab554d37e55242aed53f | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/fd6b76b0dff5ba284792ab554d37e55242aed53f#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3L5) | | [3129511](https://dashboard.gitguardian.com/incidents/3129511?occurrence=32828836) | Microsoft Azure Storage Account Key | fd6b76b0dff5ba284792ab554d37e55242aed53f | source/coordinator/Energinet.DataHub.Aggregation.Coordinator.CoordinatorFunction/local.settings.sample.json | [View secret](https://github.com/Energinet-DataHub/geh-aggregations/commit/fd6b76b0dff5ba284792ab554d37e55242aed53f#diff-f615f516099e1f8ebf8a028503fa9901e74131a4151b79d765c4a492ef63b2a3L6) |

🛠 Guidelines to remediate hardcoded secrets

1. Understand the implications of revoking this secret by investigating where it is used in your code. 2. Replace and store your secrets safely. [Learn here](https://blog.gitguardian.com/secrets-api-management?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) the best practices. 3. Revoke and [rotate these secrets](https://docs.gitguardian.com/secrets-detection/detectors/specifics/microsoft_azure_storage_account_key#revoke-the-secret?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment). 4. If possible, [rewrite git history](https://blog.gitguardian.com/rewriting-git-history-cheatsheet?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment). Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data. To avoid such incidents in the future consider - following these [best practices](https://blog.gitguardian.com/secrets-api-management/?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) for managing and storing secrets including API keys and other credentials - install [secret detection on pre-commit](https://docs.gitguardian.com/internal-repositories-monitoring/integrations/git_hooks/pre_commit?utm_source=product&utm_medium=GitHub_checks&utm_campaign=check_run_comment) to catch secret before it leaves your machine and ease remediation.

^{🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

Our GitHub checks need improvements? Share your feedbacks!}

codecov[bot] commented 2 years ago

Codecov Report

Merging #710 (0b79774) into main (3c9d669) will increase coverage by 11.11%. The diff coverage is 0.00%.

@@             Coverage Diff             @@
##             main     #710       +/-   ##
===========================================
+ Coverage   15.44%   26.55%   +11.11%     
===========================================
  Files          80      122       +42     
  Lines        1094     1683      +589     
  Branches      105      170       +65     
===========================================
+ Hits          169      447      +278     
- Misses        920     1218      +298     
- Partials        5       18       +13

Impacted Files	Coverage Δ
...onEventListener/Common/HealthCheckConfiguration.cs	`0.00% <0.00%> (ø)`
...onEventListener/HealthCheck/HealthCheckEndpoint.cs	`0.00% <0.00%> (ø)`
...b.Aggregations.IntegrationEventListener/Program.cs	`0.00% <0.00%> (ø)`
...t.DataHub.Aggregations.Domain/MasterData/Charge.cs	`0.00% <0.00%> (ø)`
...aHub.Aggregations.Domain/MasterData/ChargePrice.cs	`0.00% <0.00%> (ø)`
...onEvents/Mutators/MeteringPointConnectedMutator.cs	`60.00% <0.00%> (ø)`
...s/DTOs/MeteringPoints/MeteringPointCreatedEvent.cs	`93.33% <0.00%> (ø)`
...s.IntegrationEventListener/Common/EventMetadata.cs	`100.00% <0.00%> (ø)`
...taHub.Aggregations.Domain/MasterData/MarketRole.cs	`0.00% <0.00%> (ø)`
...ration/MeteringPointCreatedHandlerConfiguration.cs	`0.00% <0.00%> (ø)`
... and 33 more

:mega: Codecov can now indicate which changes are the most critical in Pull Requests. Learn more

laskli commented 2 years ago

@kristianschneider somehow you have comitted some secrets, that we should take care of and have removed from the source code. Maybe we should consider using squash commits for our PR's?

BjarkeMeier commented 2 years ago

@kristianschneider somehow you have comitted some secrets, that we should take care of and have removed from the source code. Maybe we should consider using squash commits for our PR's?

I'm not sure that squash is enough. The secrets may already have been picked up and they are also available as long as the branch lives. I think you should reach out to MD regarding this exposure.

Regarding squash I'd love us to use squash as we as a team doesn't seem to have good practices regarding creating a helpful git history. I believe squashing will help improve this to some degree.