WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Commit 0559cfb

Browse files
jbuckjbuck
authored
Merge pull request #412 from mozilla-it/jbuck/push-smzwwxnoyrly
fix: Add missing `:`
2 parents b48c0c1 + bf879ef commit 0559cfb

File tree

10 files changed

+136
-35
lines changed

10 files changed

+136
-35
lines changed

.github/workflows/pre-commit.yaml

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
name: pre-commit
2+
3+
on:
4+
pull_request: {}
5+
push:
6+
branches: main
7+
8+
concurrency:
9+
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
10+
cancel-in-progress: true
11+
12+
jobs:
13+
pre-commit:
14+
runs-on: ubuntu-latest
15+
steps:
16+
- name: Clone Repository
17+
uses: actions/checkout@v6
18+
- name: Install uv
19+
uses: astral-sh/setup-uv@v7
20+
- name: Install pre-commit
21+
shell: bash
22+
run: uv tool install pre-commit --with pre-commit-uv
23+
- run: pre-commit run --show-diff-on-failure --color=always --all-files
24+
shell: bash

.pre-commit-config.yaml

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,6 @@
55
# Available pre-commit hooks
66
# https://pre-commit.com/hooks.html
77

8-
default_language_version:
9-
python: python3.7
108
fail_fast: true
119
repos:
1210
- repo: https://github.com/pre-commit/pre-commit-hooks
@@ -22,12 +20,13 @@ repos:
2220
hooks:
2321
- id: check-useless-excludes
2422
- repo: https://github.com/Yelp/detect-secrets
25-
rev: v0.13.0
23+
rev: v1.5.0
2624
hooks:
2725
- id: detect-secrets
2826
args: ['--baseline', '.secrets.baseline']
29-
- repo: https://github.com/mozilla-it/jsonschema-on-yaml
30-
rev: main
27+
- repo: https://github.com/python-jsonschema/check-jsonschema
28+
rev: 0.35.0
3129
hooks:
32-
- id: jsonschema-on-yaml
33-
args: ['refractr/refractr.yml', 'refractr/schema.yml']
30+
- id: check-jsonschema
31+
files: 'refractr\.yml$'
32+
args: ['--schemafile', 'refractr/schema.json']

.secrets.baseline

Lines changed: 101 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,54 +1,137 @@
11
{
2-
"exclude": {
3-
"files": null,
4-
"lines": null
5-
},
6-
"generated_at": "2020-04-03T02:39:25Z",
2+
"version": "1.5.0",
73
"plugins_used": [
4+
{
5+
"name": "ArtifactoryDetector"
6+
},
87
{
98
"name": "AWSKeyDetector"
109
},
1110
{
12-
"name": "ArtifactoryDetector"
11+
"name": "AzureStorageKeyDetector"
1312
},
1413
{
15-
"base64_limit": 4.5,
16-
"name": "Base64HighEntropyString"
14+
"name": "Base64HighEntropyString",
15+
"limit": 4.5
1716
},
1817
{
1918
"name": "BasicAuthDetector"
2019
},
2120
{
22-
"hex_limit": 3,
23-
"name": "HexHighEntropyString"
21+
"name": "CloudantDetector"
22+
},
23+
{
24+
"name": "DiscordBotTokenDetector"
25+
},
26+
{
27+
"name": "GitHubTokenDetector"
28+
},
29+
{
30+
"name": "GitLabTokenDetector"
31+
},
32+
{
33+
"name": "HexHighEntropyString",
34+
"limit": 3.0
35+
},
36+
{
37+
"name": "IbmCloudIamDetector"
38+
},
39+
{
40+
"name": "IbmCosHmacDetector"
41+
},
42+
{
43+
"name": "IPPublicDetector"
2444
},
2545
{
2646
"name": "JwtTokenDetector"
2747
},
2848
{
29-
"keyword_exclude": null,
30-
"name": "KeywordDetector"
49+
"name": "KeywordDetector",
50+
"keyword_exclude": ""
3151
},
3252
{
3353
"name": "MailchimpDetector"
3454
},
55+
{
56+
"name": "NpmDetector"
57+
},
58+
{
59+
"name": "OpenAIDetector"
60+
},
3561
{
3662
"name": "PrivateKeyDetector"
3763
},
64+
{
65+
"name": "PypiTokenDetector"
66+
},
67+
{
68+
"name": "SendGridDetector"
69+
},
3870
{
3971
"name": "SlackDetector"
4072
},
4173
{
4274
"name": "SoftlayerDetector"
4375
},
76+
{
77+
"name": "SquareOAuthDetector"
78+
},
4479
{
4580
"name": "StripeDetector"
81+
},
82+
{
83+
"name": "TelegramBotTokenDetector"
84+
},
85+
{
86+
"name": "TwilioKeyDetector"
87+
}
88+
],
89+
"filters_used": [
90+
{
91+
"path": "detect_secrets.filters.allowlist.is_line_allowlisted"
92+
},
93+
{
94+
"path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
95+
"min_level": 2
96+
},
97+
{
98+
"path": "detect_secrets.filters.heuristic.is_indirect_reference"
99+
},
100+
{
101+
"path": "detect_secrets.filters.heuristic.is_likely_id_string"
102+
},
103+
{
104+
"path": "detect_secrets.filters.heuristic.is_lock_file"
105+
},
106+
{
107+
"path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
108+
},
109+
{
110+
"path": "detect_secrets.filters.heuristic.is_potential_uuid"
111+
},
112+
{
113+
"path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
114+
},
115+
{
116+
"path": "detect_secrets.filters.heuristic.is_sequential_string"
117+
},
118+
{
119+
"path": "detect_secrets.filters.heuristic.is_swagger_file"
120+
},
121+
{
122+
"path": "detect_secrets.filters.heuristic.is_templated_secret"
46123
}
47124
],
48-
"results": {},
49-
"version": "0.13.0",
50-
"word_list": {
51-
"file": null,
52-
"hash": null
53-
}
125+
"results": {
126+
"docs/SRE_INFO.md": [
127+
{
128+
"type": "Hex High Entropy String",
129+
"filename": "docs/SRE_INFO.md",
130+
"hashed_secret": "19f5128f9b42e46e7ec93f4fc2882c9906c63fc2",
131+
"is_verified": false,
132+
"line_number": 73
133+
}
134+
]
135+
},
136+
"generated_at": "2025-11-23T20:47:13Z"
54137
}

docs/refractr-architecture.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ The refractr.yml spec allows for specifying tests in the form of given-source to
2929
### minimal changes
3030
Due to the nature of redirects and rewrites it is common to add new domains or subtract old ones. This means that the nginx config needs to be told which are the valid list of domains and update them when deploying a new refractr Docker image to GKE. When a new version of the refractr image is pushed to prod, redirects are already live.
3131

32-
In a second step, certificates must be created and linked to refractr's Loadbalancer -- this step currently requires a second PR to be opened after deployment. All certificates are managed with GCP's certificate manager api and attached to the Loadbalancer by a certmap, we manage all of those resources via terraform in refractr's infrastructure project.
32+
In a second step, certificates must be created and linked to refractr's Loadbalancer -- this step currently requires a second PR to be opened after deployment. All certificates are managed with GCP's certificate manager api and attached to the Loadbalancer by a certmap, we manage all of those resources via terraform in refractr's infrastructure project.
3333

3434
## refractr traffic flow
3535
Traffic flow to refractr starts with DNS. A domain that should be handled by the system must be pointed to it's Loadbalancer, usually by a CNAME, in some cases, by A / AAAA records. Once a request reaches the Loadbalancer, we force HTTPS, then forward to the actual application pods, which then handle individual redirects as configured.

examples/complex-redirect.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,4 +59,3 @@ validate:
5959
- 301 http://lockwise.firefox.com/ -> https://www.mozilla.org/firefox/lockwise/ MATCHED
6060
test-result: MATCHED
6161
validate-result: SUCCESS
62-

examples/complex-rewrite-with-if-and-redirect.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -68,4 +68,3 @@ validate:
6868
hops:
6969
- 301 http://en-uk.start.mozilla.com/ -> https://start.mozilla.org/en-uk/ MATCHED
7070
test-result: MATCHED
71-

examples/simple-multiple-sources.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,4 +41,3 @@ validate:
4141
- 301 http://labs.mozilla.com -> https://labs.mozilla.org/ MATCHED
4242
test-result: MATCHED
4343
validate-result: SUCCESS
44-

examples/simple-single-source.yml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,4 +31,3 @@ validate:
3131
- 301 http://wiki.mozilla.com -> https://wiki.mozilla.org/ MATCHED
3232
test-result: MATCHED
3333
validate-result: SUCCESS
34-

prod-refractr.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1228,17 +1228,17 @@ refracts:
12281228
- www.browseagainstthemachine.com
12291229

12301230
# SREIN-636
1231-
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=downloadfirefox-us
1231+
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=downloadfirefox-us:
12321232
- downloadfirefox.us
12331233
- www.downloadfirefox.us
12341234

12351235
# SREIN-636
1236-
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=fire-fox-us
1236+
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=fire-fox-us:
12371237
- fire-fox.us
12381238
- www.fire-fox.us
12391239

12401240
# SREIN-636
1241-
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=mozillafirefox-us
1241+
- www.mozilla.org/firefox/new/?utm_medium=referral&utm_source=mozillafirefox-us:
12421242
- mozillafirefox.us
12431243
- www.mozillafirefox.us
12441244

@@ -1265,6 +1265,6 @@ refracts:
12651265
- www.mozillastore.com
12661266

12671267
# SREIN-636
1268-
- viewsourceconf.org/
1268+
- viewsourceconf.org/:
12691269
- viewsourceconf.com
12701270
- www.viewsourceconf.com

refractr/image/refractr.sh

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,4 +44,3 @@ case "$ACTION" in
4444
exit 1
4545
;;
4646
esac
47-

0 commit comments

Comments
 (0)