Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add policy for checking insecure_ssl configuration for github_repository_webhook in GitHub provider #355

Closed
HorizonNet opened this issue Oct 16, 2020 · 0 comments · Fixed by #386

Comments

@HorizonNet
Copy link
Contributor

Similar to #339, but on repository level. The GitHub provider has a resource github_repository_webhook, which can be used to setup a webhook for an organization. In the configuration it allows several options. One of the them is insecure_ssl, which is not recommended to be set to true. The new policy for the github policy set should check this configuration and report a violation if this option was set to true.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants