newrelic / newrelic-ruby-agent

New Relic RPM Ruby Agent
https://docs.newrelic.com/docs/apm/agents/ruby-agent/getting-started/introduction-new-relic-ruby/
Apache License 2.0

Gabbi security alerts: Investigate potentially missing alerts #1686

Open fallwith opened 1 year ago

fallwith commented 1 year ago

Gabbi sources its Ruby-specific CVE info from RubySec, but RubySec appears to be aware of issues such as the recent Nokogiri one that Gabbi is not informing us about. We should investigate whether any of these is happening:

workato-integration[bot] commented 1 year ago

https://issues.newrelic.com/browse/NEWRELIC-5805

hannahramadan commented 1 year ago

Testing confirms that Gabbi gets all data, the feed has data, and Gabbi doesn't skip over data. It appears Gabbi was removed from the team's notifications Slack channel—Gabbi needs to be a part of a channel in order to post. It's unclear when or why Gabbi was removed, but she's since been added back.

I will manually check for new CVEs until we can confirm that Gabbi is posting.

hannahramadan commented 1 year ago

Tested: webhooks silently fail. We should find a way to get notified of failures.
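
An added example, not part of the thread and not Gabbi's own code (which is not shown here): one way a CI job that posts to Slack can fail loudly instead of silently. The method names `slack_delivery_error` and `post_alert!` and the sample responses are assumptions made for illustration; the check covers both Slack incoming webhooks and Web API calls, which report failure differently.

```ruby
require 'json'
require 'net/http'
require 'uri'

class SlackDeliveryError < StandardError; end

# Returns nil if Slack accepted the message, otherwise a reason string.
# Incoming webhooks reply HTTP 200 with the plain-text body "ok"; Web API
# methods such as chat.postMessage reply HTTP 200 even on failure and put
# the result in JSON: {"ok": false, "error": "not_in_channel"}.
def slack_delivery_error(status, body)
  text = body.to_s.strip
  return "HTTP #{status}: #{text[0, 200]}" unless status.to_i == 200
  return nil if text == 'ok'

  parsed = JSON.parse(text)
  return "unexpected response body: #{text[0, 200]}" unless parsed.is_a?(Hash)
  return nil if parsed['ok'] == true

  "Slack API error: #{parsed['error'] || 'unknown'}"
rescue JSON::ParserError
  "unexpected response body: #{text[0, 200]}"
end

# Posts the alert and raises on any failure, so the CI step exits non-zero
# instead of passing while nothing reaches the channel.
def post_alert!(url, payload, headers = {})
  uri = URI(url)
  request = Net::HTTP::Post.new(uri, { 'Content-Type' => 'application/json' }.merge(headers))
  request.body = JSON.generate(payload)
  response = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https',
                             open_timeout: 5, read_timeout: 10) { |http| http.request(request) }
  error = slack_delivery_error(response.code, response.body)
  raise SlackDeliveryError, error if error

  true
rescue SocketError, SystemCallError, Timeout::Error, IOError => e
  raise SlackDeliveryError, "transport failure: #{e.class}: #{e.message}"
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample responses (status, body); no network access needed.
  [[200, 'ok'], [200, '{"ok":false,"error":"not_in_channel"}'],
   [404, 'channel_not_found'], [200, '']].each do |status, body|
    puts "#{status} #{body.inspect} -> #{slack_delivery_error(status, body) || 'delivered'}"
  end
end
```

Because `post_alert!` raises rather than returning false, an unhandled failure turns the CI run red, which is itself a notification channel that does not depend on Slack.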

hannahramadan commented 1 year ago

Test: added debug statements to CI runs to narrow the window of where/why Slacks are failing to post.