Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add policy for checking insecure_ssl configuration for github_organization_webhook in GitHub provider #339

Closed
HorizonNet opened this issue Sep 19, 2020 · 0 comments · Fixed by #350
Closed

Add policy for checking insecure_ssl configuration for github_organization_webhook in GitHub provider #339

HorizonNet opened this issue Sep 19, 2020 · 0 comments · Fixed by #350
Labels
enhancement

Comments

@HorizonNet
Copy link
Contributor

The GitHub provider has a resource github_organization_webhook, which can be used to setup a webhook for an organization. In the configuration it allows several options. One of the them is insecure_ssl, which is not recommended to be set to true. The new policy for the github policy set should check this configuration and report a violation if this option was set to true.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add new policy for checking insecure_ssl on github_organization_webhook
2 participants
@HorizonNet @cesar-rodriguez