Added directions for Heimdall Lite #59
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… looad into Heimdall Lite Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: Aaron Lippold <[email protected]>
|
/gcbrun |
binamov
requested changes
Sep 21, 2020
There was a problem hiding this comment.
@aaronlippold thank you for this! I have a small suggestion to make the walkthrough experience better. LMK if it doesn't make sense.
…for action steps Signed-off-by: Aaron Lippold <[email protected]>
|
If we agree on the communication and presentation here, I will merge it into the other PRs as well. Please feel free to edit on your side if you see anything. Once merged, we can update the other profiles. |
|
/gcbrun |
aaronlippold
commented
Sep 25, 2020
inspec.yml
Outdated
| copyright_email: '[email protected]' | ||
| license: 'Apache-2.0' | ||
| summary: 'Inspec Google Cloud Platform Center for Internet Security Benchmark v1.1 Profile' | ||
| version: 1.1.0-17 |
There was a problem hiding this comment.
This will need to be bumped with the changes we have made to ensure folks profiles update
|
/gcbrun |
|
@aaronlippold seems we have a problem in inspec.yml |
Signed-off-by: Aaron Lippold <[email protected]>
|
/gcbrun |
|
CI seems angry that there's no |
binamov
reviewed
Oct 1, 2020
| - name: gcp_project_id | ||
| description: "The GCP project identifier." | ||
| type: String | ||
| required: true |
There was a problem hiding this comment.
CI is angry there's no value for this...
There was a problem hiding this comment.
CI continues to be angry about not having a value for gcp_project_id @aaronlippold, I can't push to your branch. Can you please add a commit?
There was a problem hiding this comment.
added a default dummy value - let me know if that helps. I will see about updating my PRs to ensure you all have push access.
|
Yes I noticed an odd behavior where in spec check seems to be complaining.
I think I will have to open an issue upstream. As a workaround we may have
to just set a dummy value even though that defeats the purpose of making it
a required input. Could you give that a shot on your side and see if that
resolves the issue and we can open an upstream issue.
…On Thu, Oct 1, 2020, 7:23 PM Bakh Inamov ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In inspec.yml
<#59 (comment)>
:
> -- name: sa_key_older_than_seconds
- description: 'How many seconds SA keys should not be older than'
- value: 7776000
- type: numeric
-- name: kms_rotation_period_seconds
- description: 'How many seconds KMS Keys should be last rotated (90 days)'
- value: 7776000
- type: numeric
-- name: bucket_logging_ignore_regex
- description: 'Ignore this bucket by regex from requiring logging to be enabled'
+ # {{gcp_project_id}} and {{bucket_logging_ignore_regex}}
+ # must be defined at runtime by the user
+ - name: gcp_project_id
+ description: "The GCP project identifier."
+ type: String
+ required: true
CI is angry there's no value for this...
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#59 (review)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42GQJMXSRMWULKKAZFTSIUFODANCNFSM4RTLXR2A>
.
|
|
Yeah adding a blank or a dummy |
|
Also needs a version bump in inspec.yml to fix merge conflict. |
|
Oops. I’ll make sure to send it that maintainers can push next time I guess
I forgot it
On Mon, Oct 5, 2020 at 5:03 PM Bakh Inamov ***@***.***> wrote:
Also needs a version bump in inspec.yml to fix merge conflict.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#59 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AALK42GTISQZKKOCTWH5YNDSJIYATANCNFSM4RTLXR2A>
.
--
--------
Aaron Lippold
[email protected]
260-255-4779
twitter/aim/yahoo,etc.
'aaronlippold'
|
|
/gcbrun |
binamov
requested changes
Oct 13, 2020
| - name: gcp_project_id | ||
| description: "The GCP project identifier." | ||
| type: String | ||
| required: true |
There was a problem hiding this comment.
CI continues to be angry about not having a value for gcp_project_id @aaronlippold, I can't push to your branch. Can you please add a commit?
|
/gcbrun |
|
Thank you for your contribution @aaronlippold ! Looks great! 🚀 |
KonradSchieban
pushed a commit
to KonradSchieban/inspec-gcp-cis-benchmark
that referenced
this pull request
Jul 4, 2021
* added directions to README and Walkthough to create a json result and looad into Heimdall Lite * added default dummy value for the project_id * fixed indent issues in inspec.yml * fixed markdown syntax in README Signed-off-by: Aaron Lippold <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Signed-off-by: Aaron Lippold [email protected]