Skip to content

Collect config environment variable usage metric

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

Proposal

Collect basic metrics about a Dependency scan. The scan_uuid allows joining to other Dependency scan metrics. With this event we can track all configurations that are not set to the default value.

Gemnasium

{
	"event": "collect_gemnasium_scan_non_default_config_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
}

Gemnasium-python

{
	"event": "collect_gemnasium_python_scan_non_default_config_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
}

Gemnasium-maven

{
	"event": "collect_gemnasium_maven_scan_non_default_config_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
}

DS analyzer

{
	"event": "collect_ds_analyzer_scan_non_default_config_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
}
Previous proposal 
{
	"event": "collect_gemnasium_scan_config_variable_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
        "value": 1                        // fast: 0 = default , 1 = non-default
}

DS analyzer

{
	"event": "collect_ds_analyzer_scan_config_variable_metrics_from_pipeline",
	
	// Columns (join, filter, fast)
	
	"property": "scan_uuid",          // join: Allows joining
	"label": "<CONFIG_VAR>"           // fast: Config environment variable
        "value": 1                        // fast: 0 = default , 1 = non-default
}

  2. Env vars configurations that are set to a non-default value.

Implementation Plan

  1. Define new internal event in monolith
  2. Define event in the event registry
  3. Whitelist event name for use in security report
  4. Populate event in Gemansium and DS security reports
  5. Validate event data is populating in snowflake
Edited by Nick Ilieskou