What this PR does / why we need it:
We would like to exclude implementations of other cloudproviders in autoscaler, from getting scanned for vulnerabilities in checkmarx. Cloud providers other than MCM are excluded from codescans.
Essentially every code path traversed with mcm as cloudprovider (including the core logic) will be scanned now.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
The current regex has one limitation. The kind /cloudprovider/+*mcm/.* paths will still be included in codescans.
Release note:
cloud providers other than `MCM` are excluded from checkmarx scans.
himanshu-kun
commented
1 year ago
What this PR does / why we need it: We would like to exclude implementations of other cloudproviders in autoscaler, from getting scanned for vulnerabilities in checkmarx. Cloud providers other than
MCMare excluded from codescans. Essentially every code path traversed withmcmas cloudprovider (including the core logic) will be scanned now.Which issue(s) this PR fixes: Fixes #
Special notes for your reviewer: The current regex has one limitation. The kind
/cloudprovider/+*mcm/.*paths will still be included in codescans.Release note: