Skip to content

Commit 779f129

Browse files
authored
fix: policies not using the new settings setup (#8)
Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
1 parent 179ce13 commit 779f129

4 files changed

Lines changed: 14 additions & 6 deletions

policies/gh_org_secret_dependabot_alerts.rego

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ risk_templates := [
3737
]
3838

3939
violation[{"id": "dependabot_alerts_not_default"}] if {
40-
input.dependabot_alerts_enabled_for_new_repositories == false
40+
input.settings.dependabot_alerts_enabled_for_new_repositories == false
4141
}
4242

4343
title := "Dependabot alerts enabled for new repositories"

policies/gh_org_secret_dependabot_alerts_test.rego

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,16 @@ package compliance_framework.dependabot_alerts
22

33
test_scanning_enabled_new_repos if {
44
count(violation) == 0 with input as {
5-
"dependabot_alerts_enabled_for_new_repositories": true
5+
"settings": {
6+
"dependabot_alerts_enabled_for_new_repositories": true
7+
}
68
}
79
}
810

911
test_secret_scanning_enabled_new_repos_violate_if_disabled if {
1012
count(violation) > 0 with input as {
11-
"dependabot_alerts_enabled_for_new_repositories": false
13+
"settings": {
14+
"dependabot_alerts_enabled_for_new_repositories": false
15+
}
1216
}
1317
}

policies/gh_org_secret_scanning_enabled.rego

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ risk_templates := [
4444
]
4545

4646
violation[{"id": "secret_scanning_not_default"}] if {
47-
input.secret_scanning_enabled_for_new_repositories == false
47+
input.settings.secret_scanning_enabled_for_new_repositories == false
4848
}
4949

5050
title := "Secret Scanning is enabled for new repositories in the organization"

policies/gh_org_secret_scanning_enabled_test.rego

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,16 @@ package compliance_framework.secret_scanning
22

33
test_scanning_enabled_new_repos if {
44
count(violation) == 0 with input as {
5-
"secret_scanning_enabled_for_new_repositories": true
5+
"settings": {
6+
"secret_scanning_enabled_for_new_repositories": true
7+
}
68
}
79
}
810

911
test_secret_scanning_enabled_new_repos_violate_if_disabled if {
1012
count(violation) > 0 with input as {
11-
"secret_scanning_enabled_for_new_repositories": false
13+
"settings": {
14+
"secret_scanning_enabled_for_new_repositories": false
15+
}
1216
}
1317
}

0 commit comments

Comments
 (0)