From 5c9838896ee179142eeef36ed02b34caa317f359 Mon Sep 17 00:00:00 2001 From: Adam Korczynski Date: Wed, 10 Jan 2024 21:55:31 +0000 Subject: [PATCH] remove protected values from probes Signed-off-by: Adam Korczynski --- probes/blocksDeleteOnBranches/impl.go | 8 -------- probes/blocksForcePushOnBranches/impl.go | 8 -------- probes/branchProtectionAppliesToAdmins/impl.go | 8 -------- probes/requiresApproversForPullRequests/impl.go | 8 -------- probes/requiresLastPushApproval/impl.go | 8 -------- probes/requiresPRsToChangeCode/impl.go | 17 +++-------------- probes/requiresUpToDateBranches/impl.go | 8 -------- probes/runsStatusChecksBeforeMerging/impl.go | 8 -------- 8 files changed, 3 insertions(+), 70 deletions(-) diff --git a/probes/blocksDeleteOnBranches/impl.go b/probes/blocksDeleteOnBranches/impl.go index 56a38e96d9b..4bc8a0151d7 100644 --- a/probes/blocksDeleteOnBranches/impl.go +++ b/probes/blocksDeleteOnBranches/impl.go @@ -52,14 +52,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - var text string var outcome finding.Outcome switch { diff --git a/probes/blocksForcePushOnBranches/impl.go b/probes/blocksForcePushOnBranches/impl.go index fd96e9b73c4..1f116b39e80 100644 --- a/probes/blocksForcePushOnBranches/impl.go +++ b/probes/blocksForcePushOnBranches/impl.go @@ -52,14 +52,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - var text string var outcome finding.Outcome switch { diff --git a/probes/branchProtectionAppliesToAdmins/impl.go b/probes/branchProtectionAppliesToAdmins/impl.go index 3ce0ac33d4a..87f715d2101 100644 --- a/probes/branchProtectionAppliesToAdmins/impl.go +++ b/probes/branchProtectionAppliesToAdmins/impl.go @@ -53,14 +53,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - p := branch.BranchProtectionRule.EnforceAdmins text, outcome, err := branchprotection.GetTextOutcomeFromBool(p, "branch protection settings apply to administrators", diff --git a/probes/requiresApproversForPullRequests/impl.go b/probes/requiresApproversForPullRequests/impl.go index b5b49332a9f..79123b3984e 100644 --- a/probes/requiresApproversForPullRequests/impl.go +++ b/probes/requiresApproversForPullRequests/impl.go @@ -57,14 +57,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - nilMsg := fmt.Sprintf("could not determine whether branch '%s' has required approving review count", *branch.Name) trueMsg := fmt.Sprintf("required approving review count on branch '%s'", *branch.Name) falseMsg := fmt.Sprintf("branch '%s' does not require approvers", *branch.Name) diff --git a/probes/requiresLastPushApproval/impl.go b/probes/requiresLastPushApproval/impl.go index 524e489b972..55df69756ae 100644 --- a/probes/requiresLastPushApproval/impl.go +++ b/probes/requiresLastPushApproval/impl.go @@ -53,14 +53,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - p := branch.BranchProtectionRule.RequireLastPushApproval text, outcome, err := branchprotection.GetTextOutcomeFromBool(p, "last push approval", *branch.Name) if err != nil { diff --git a/probes/requiresPRsToChangeCode/impl.go b/probes/requiresPRsToChangeCode/impl.go index 78dfc193661..12e29d119b4 100644 --- a/probes/requiresPRsToChangeCode/impl.go +++ b/probes/requiresPRsToChangeCode/impl.go @@ -52,14 +52,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - nilMsg := fmt.Sprintf("could not determine whether branch '%s' requires PRs to change code", *branch.Name) trueMsg := fmt.Sprintf("PRs are required in order to make changes on branch '%s'", *branch.Name) falseMsg := fmt.Sprintf("PRs are not required to make changes on branch '%s'; ", *branch.Name) + @@ -78,20 +70,17 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { case p == nil: f = f.WithMessage(nilMsg).WithOutcome(finding.OutcomeNotAvailable) f = f.WithValues(map[string]int{ - *branch.Name: 1, - "branchProtected": protectedValue, + *branch.Name: 1, }) case *p: f = f.WithMessage(trueMsg).WithOutcome(finding.OutcomePositive) f = f.WithValues(map[string]int{ - *branch.Name: 1, - "branchProtected": protectedValue, + *branch.Name: 1, }) case !*p: f = f.WithMessage(falseMsg).WithOutcome(finding.OutcomeNegative) f = f.WithValues(map[string]int{ - *branch.Name: 1, - "branchProtected": protectedValue, + *branch.Name: 1, }) default: return nil, Probe, fmt.Errorf("create finding: %w", errWrongValue) diff --git a/probes/requiresUpToDateBranches/impl.go b/probes/requiresUpToDateBranches/impl.go index de68c277100..b5183dca970 100644 --- a/probes/requiresUpToDateBranches/impl.go +++ b/probes/requiresUpToDateBranches/impl.go @@ -53,14 +53,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - p := branch.BranchProtectionRule.CheckRules.UpToDateBeforeMerge text, outcome, err := branchprotection.GetTextOutcomeFromBool(p, "up-to-date branches", diff --git a/probes/runsStatusChecksBeforeMerging/impl.go b/probes/runsStatusChecksBeforeMerging/impl.go index ff0cbffa43f..25cee86200b 100644 --- a/probes/runsStatusChecksBeforeMerging/impl.go +++ b/probes/runsStatusChecksBeforeMerging/impl.go @@ -52,14 +52,6 @@ func Run(raw *checker.RawResults) ([]finding.Finding, string, error) { for i := range r.Branches { branch := &r.Branches[i] - protected := !(branch.Protected != nil && !*branch.Protected) - var protectedValue int - if protected { - protectedValue = 1 - } else { - protectedValue = 0 - } - switch { case len(branch.BranchProtectionRule.CheckRules.Contexts) > 0: f, err := finding.NewWith(fs, Probe,