- Update go version from `1.19` to `1.21`
[tools/go.mod]
- Update go version from `1.19` to `1.21`
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* 🌱 Add probes for Branch Protection
Signed-off-by: AdamKorcz <adam@adalogics.com>
* specify that Scorecard only considers default and releases branches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* reduce duplication in blocksDeleteOnBranches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use helper to test for boolean values
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Fix typo, mention OutcomeNotAvailable
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo and elaborate on effort
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo. Specify which branches the probe considers
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Fix copy paste typo
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove '/en' from url
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change effort from 'High' to 'Low' in the blocksForcePushOnBranches probe def
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix remediation level
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change probe package name
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* improve probe definitions
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* refactor test names
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change motivation of two probes
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* downgrade effort of runsStatusChecksBeforeMerging
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* reduce complexity of blocksForcePushOnBranches
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* simplify requiresCodeOwnersReview logic
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix linter issues
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix copy paste error
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* differentiate trueMsg and falseMsg in requiresApproversForPullRequests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix text in requiresCodeOwnersReview
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change outcome in utils
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix lint issues
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix nit in text
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use standardized messages
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove 'Uint32LargerThan0'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Add number of required reviewers to values. Refactor to avoid nil-dereference
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix nit log message
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* SAST: add Snyk probe
Adds Snyk's GitHub action (https://github.com/snyk/actions) as a probe.
Signed-off-by: David Korczynski <david@adalogics.com>
* nit
Signed-off-by: David Korczynski <david@adalogics.com>
* e2e: adjust sast test to additional probe
Signed-off-by: David Korczynski <david@adalogics.com>
* checks: sast: nit, fix e2e test
Signed-off-by: DavidKorczynski <david@adalogics.com>
* Add test with positive outcome
Signed-off-by: David Korczynski <david@adalogics.com>
* fix comment
Signed-off-by: David Korczynski <david@adalogics.com>
* sast: snyk: add workflow test
Signed-off-by: David Korczynski <david@adalogics.com>
* address review
Signed-off-by: David Korczynski <david@adalogics.com>
* sast: adjust snyk to be the same with sonar
Signed-off-by: David Korczynski <david@adalogics.com>
* provide path to WF file
Signed-off-by: David Korczynski <david@adalogics.com>
* adjust path for finding
Signed-off-by: David Korczynski <david@adalogics.com>
* use prefix rather than contains
Signed-off-by: David Korczynski <david@adalogics.com>
---------
Signed-off-by: David Korczynski <david@adalogics.com>
Signed-off-by: DavidKorczynski <david@adalogics.com>
* fix: differentiate between refs and sha gitab listcheckrunsforref
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
* address pr comments
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
* style: move gitlab call to one line
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
* update gitlab api comments
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
---------
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
Adding the Required field to PullRequestReviewRule made BranchRef slightly too big for the linter.
This code isn't highly used, so just ignoring the inefficiency for now.
Not sure why the staticcheck linter started complaining about the date error checking,
but fixed it while I was here.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* convert Signed Releases to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Specify that probe is for Github and Gitlab only
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use in loop instead of
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix linter issues
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix more linter issues
Signed-off-by: AdamKorcz <adam@adalogics.com>
* specify Github and Gitlab in provenance def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add link to slsa-github-generator
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add instructions on signing with Cosign
Signed-off-by: AdamKorcz <adam@adalogics.com>
* refactor evaluation
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* debug failing integration test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove unused nolints
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* expose release name asset names in finding values
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix failed integration test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove 'totalReleases' value from findings
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove left-over cases of "totalReleases" values in findings
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove remaining totalReleases values
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use const probe names instead of hard-coded strings
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove totalReleases from test helper arguments
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* merge test helpers
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* revert the change which made RequiredPullRequestReviews a pointer
While the current approach works with the tiered scoring,
it wont work for probes or if we remove tiers. Making the struct nil to
signal that PRs aren't required hides some of the data we do have.
This is especially problematic for repo rules, where we can infer all
settings by what we see or dont see.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* add helper to deref pointers
Signed-off-by: Spencer Schrock <sschrock@google.com>
* clarify comments and keep code consistent
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Use "never stale" tag on issues/PRs to keep stale-bot away
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Replace 'never stale' with 'icebox', 'help wanted'
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* Replace "icebox,help needed" with "backlog,help wanted"
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
---------
Signed-off-by: Pedro Kaj Kjellerup Nacht <pnacht@google.com>
* 🌱 Add probes to main call
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix linter issues
Signed-off-by: AdamKorcz <adam@adalogics.com>
* add test
Signed-off-by: AdamKorcz <adam@adalogics.com>
* add test coverage
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* WIP
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change comment for 'ExperimentalRunProbes'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix linter issues
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* make only one in root.go
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* relocate printing of output
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove FormatPJSON
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* reduce complexity of rootCmd
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* assign findings in runEnabledProbes
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change name of probe map
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* unwrap error
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* feat(branch-protection): consider if project requires PRs prior to make changes
As discussed at the issue #2727, we're adding the "require PRs prior
to make changes" as another requirement to tier 2. In addition to that,
we're changing the weight of the tier 2 requirements so that
"requiring 1 reviewer" has weight 2, while the other tier 2 requirements
have weight 1
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): increment and adapt testing
1. Adapt previous test cases to consider that now we'll have an aditional
Info log telling that the project requires PRs to make changes.
2. Add more cases to test relevant use cases on the tier 2 level of
branch protection
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(branch-protection-check): adapt check description to consider requirement of require PRs to make changes
It adds the new tier 2 requirement, but also specify that the
"require at least 1 reviewer" will have doubled weight.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection-check): avoid duplicate funcions and enhance readability
Made some nice-to-have improvements on project readability,
making it easier easier to understand how the branch-protection
score is computed. Also unified 8 different functions that were
doing basically the same thing.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(branch-protection): standardize values received on evaluation
Previously, at the evaluation part of branch protetion, the
values nil and false or zero were sort of interchangeble. This commit
changes the code to set as nil only the data that could not be retrieved
from github -- all the others would have values as false, zero, true, etc
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(github-client): adapt and add tests to check if nil values are coherent
1. Add new test to evaluate how we're interpreting a rule with all
checkboxes unchecked (most shouldn't be nil)
2. Adapt existent tests to expect non-nil values for unchecked
checkboxes
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(client-github): avoid reusing bool pointers
Changes some pieces of code to prefer using pointers of
bool instantiated independently. If reusing bool pointers, at some piece
of code the value of the bool could inadvertently changed and it would change the
value of all other fields reusing that pointer.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(branch-protection): enhance evaluation if scorecard was run by admin
At the evaluation step we were using some non untrusted fieldds of the
resposte to evaluate if Scorecard was run as admin or not. Now we're
using a field provided directly from the client file.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): adapt testings to say if they have admin info or not
After last commit, the client will tell the evaluation files if
Scorecard was run by administrator or not (i.e., if we have all the
infos). This commit adapts the testings to also provide this info.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(e2e-branch-protection): adapt number of logs after changes
- 2 warns (for 'last push approval' and 'codeowners review' disabled) were added because now those informations come as 'not-nil' at the evaluation part.
- 1 info was added to say that PRs are required to make changes
- 1 debug was removed because it said that we couldn't retrieve 'last push approval' information, but we actually can. It was just incorrectly set as nil
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* Revert the 2 commits with changes around how Scorecard detects admin run
Reverts commit 64c3521d89a6493e0d8c7527aa011f98c3e35719 and commit e2662b7173ef90b44b2d72c37614230440e8a919.
Both had chances around using clients/branch.go scructur to store the
information of whether Scorecard was being run by admin or not. We
decided to not change this structure for this purpose.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): change data structure to use pointer instead of value
At clients.BranchProtectionRule struct, changing
RequiredPullRequestReviews to be a pointer instead of a struct value.
This will allow the usage of the nil value of this structure to mean
that we can't say if the repository requires reviews or not.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(branch-protection): use nil pointer on reviewers struct to mean
we don't know if they require PRs
The nil value of the struct RequiredPullRequestReviews will now mean
that we can't tell whether the project requires PRs to make changes or not.
When we get this case, we're printing a debug informing that we don't have
this data, but also printing a warn saying that they don't require
reviews, because that will be true at this case.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): if we're setting the reviewers struct to nil
when needed
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* doc(branch-protection): add code comment explaining different weight on tier 2 scores
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): avoid duplicate if branches on reviewers num comparation
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(branch-protection): clarify commentings around data structure
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor: clean code on parsing GitHub BP data
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(branch-protection): ressignify the nil PullRequestReviewRule to mean PR not required
Adapt translation of data from GitHub API, now for our internal data
modeling, having a nil PullRequestReviewRule structure will mean that
PRs are not required on the repo (can also mean we don't have data to
ensure that).
It also changes the order of the calls of copyNonAdminSettings and
copyAdminSettings to make the first one be called first. This eases the
code because the PullRequestReviewRule can be always instantiated at
this function.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): ensure we translate GitHub BP data as expected
Ensure we're correctly translating GitHub data from the old Branch
Protection config.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* feat(branch-protection): adapt score evaluation after 2efeee6512
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): adapt testings to changes of last commits
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(branch-protection): add TODO comments pointing refactor opportunities
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix: avoid penalyzing non-admin for dismissStaleReview
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix(branch-protection): prevent false value from API field to become nil
When translating the API results, if the specific field `DismissesStaleReviews`
had a false value, it was not being initiated in our data model and was
remaining nil.
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor: clarify different weight on first reviewer
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor: enhance clarity of loggings and comments
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): new test to cover different rules affecting same branch
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(branch-protection): change requirements ordering to keep admin ones together
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): simplify auxiliary function
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): fix code format to linter requirements
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): avoid unnecessary initializations and rename function
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): adapt test that was forgotten on commit 6858790a3e
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): use enums to represent tiers
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): remove nil fields of struct initialization when they dont contribute for clarification
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): simplify functions by using generics
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* docs(branch-protection): update docs after generate-docs run
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix(branch-protection): fix duplicated line on code
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* fix(branch-protection): stop exporting Tier enum
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* refactor(branch-protection): changing unchanged var to const
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* test(branch-protection): Rename test and adapt it to be consistent with its purpose
I also changed the test to not require PRs, as it's how it is when a new GitHub
Branch Protection config is created. The changes on the loggings numbers are due
to:
1. A warning for not having DismissStaleReviews became a debug
2. Removed the warning we had for not requiring CodeOwners
3. Have a new warning for not requiring PRe
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
---------
Signed-off-by: Diogo Teles Sant'Anna <diogoteles@google.com>
* 🌱 convert Webhook check to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add test + nits
Signed-off-by: AdamKorcz <adam@adalogics.com>
* replace probe with OutcomeNotApplicable
Signed-off-by: AdamKorcz <adam@adalogics.com>
* return one finding per webhook
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change wording in def.yml
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change wording in def.yml and checks.md
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove unused struct in test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* align checks.md with checks.yaml
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* bring back experimental for webhooks
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'token' to 'secret' in probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use checker.MinResultScore instead of 0
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Change test name
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use checker.MinResultScore instead of 0
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix typo
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* Use checker.MaxResultScore instead of 10
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove the 'totalWebhooks' value from findings
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* 🌱 convert binary artifact check to probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Reword motivation
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove unused variable in test
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove positiveOutcome() and length check
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix wrong check name
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Split into two probes: One with and one without gradle-wrappers
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Add description about what Scorecard considers a verified binary
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change 'trusted' to 'verified'
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove nil check
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove filtering
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* use const scores in tests
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename test
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* add sanity check in loop
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* rename binary file const
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* fix: parse gitlab pipeline status to their GitHub equivalent
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
* change completed string to const
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
---------
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
* 🌱 convert CII Best Practices check to probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* change 'NOT' to 'not'
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Change wording in probes
Signed-off-by: AdamKorcz <adam@adalogics.com>
* add links to text
Signed-off-by: AdamKorcz <adam@adalogics.com>
* fix typo
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Edit text in def.yml
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove hasBadgeNotFound probe
Signed-off-by: AdamKorcz <adam@adalogics.com>
* remove 'that' from text
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use CreateMinScoreResult instead of CreateResultWithScore
Signed-off-by: AdamKorcz <adam@adalogics.com>
* use MaxResultScore instead of maxScore
Signed-off-by: AdamKorcz <adam@adalogics.com>
* return CreateRuntimeErrorResult sooner rather than later
Signed-off-by: AdamKorcz <adam@adalogics.com>
* Combine probes into one
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove minScore variable
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* remove 'hasInProgressBadge' probe
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* make badge levels global variables
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* return -1 for unsupported badge
Signed-off-by: Adam Korczynski <adam@adalogics.com>
* change text for unknown and unsupported badges
Signed-off-by: Adam Korczynski <adam@adalogics.com>
---------
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Adam Korczynski <adam@adalogics.com>
Thanks to @AdnaneKhan for the report.
* start with reporter patch
* use env variable for bash step too
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
