+checkov.io (#4310)

* new file:   projects/checkov.io/package.yml
	new file:   projects/checkov.io/test.tf

* modified:   projects/checkov.io/package.yml
	modified:   projects/checkov.io/test.tf

* .

* modified:   projects/checkov.io/package.yml
	modified:   projects/checkov.io/test.tf

* let's try hardcoded version

* -Wno-int-conversion

* try github query again

* use /tags?

error makes no sense:

```
error: Uncaught (in promise) Error: http: https://api.github.com/repos/bridgecrewio/checkov/releases?per_page=100&page=1
  if (!rsp.ok) throw new Error(`http: ${url}`)
                     ^
    at GET2 (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:35:22)
    at eventLoopTick (ext:core/01_core.js:178:11)
    at async getVersionsLong (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:57:27)
    at async Object.getVersions (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:42:34)
    at async handleAPIResponse (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.getVersions.ts:176:50)
    at async _parse (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.getVersions.ts:34:19)
    at async Object.resolve (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.ts:39:20)
    at async file:///opt/pkgx.sh/brewkit/v0/libexec/resolve.ts:15:15
```

* it's like GITHUB_TOKEN has failed...

* let's cheat a little

* parse version from pypi.org

---------

Co-authored-by: Jacob Heider <jacob@pkgx.dev>
Andrew 2023-12-11 00:17:41 +02:00 committed by GitHub
parent b8985b677f
commit ea56add719
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 53 additions and 0 deletions

@ -0,0 +1,23 @@
distributable:
url: https://github.com/bridgecrewio/checkov/archive/refs/tags/{{version}}.tar.gz
strip-components: 1
versions:
url: https://pypi.org/project/checkov/#history
match: /checkov\/\d+\.\d+\.\d+/
strip: /^checkov\//
dependencies:
python.org: ^3.12
build:
script:
- python-venv.sh {{prefix}}/bin/checkov
env:
linux:
# error: incompatible pointer to integer conversion initializing 'int' with an expression of type 'void *'
CFLAGS: -Wno-int-conversion
provides:
- bin/checkov
test:
- checkov --version | grep {{version}}
- checkov -f test.tf > output.log
- run: |
cat output.log | grep 'Passed checks: 14, Failed checks: 0, Skipped checks: 0'
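
Review bot: `versions` scrapes the HTML of https://pypi.org/project/checkov/#history with a regex while `distributable.url` downloads the GitHub tag archive, so the version list and the source tarball come from two different origins, and nothing in these lines guarantees that every version matched on PyPI has a corresponding `refs/tags/{{version}}` archive. A comment above `versions` should record that this is a workaround for the failing GitHub releases query, so it can be switched back to a GitHub-based source later. Separately, the last test greps for the exact string 'Passed checks: 14, Failed checks: 0, Skipped checks: 0', which will break as soon as a checkov release adds or removes a check that applies to test.tf; matching only 'Failed checks: 0' would be less brittle. The comment above `CFLAGS: -Wno-int-conversion` would also be more useful if it named the dependency whose build triggers the error.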

@ -0,0 +1,30 @@
provider "aws" {
region = "eu-west-1"
}
provider "aws" {
alias = "central"
region = "eu-central-1"
}
data "aws_iam_policy_document" "foo_policy" {
statement {
effect = "Allow"
principals = {
type = "Service"
identifiers = ["ec2.amazonaws.com"]
}
actions = [
"s3:*"
]
resources = [
"${aws_s3_bucket.foo.arn}"
]
}
}
resource "aws_s3_bucket_policy" "bar" {
provider = "aws.central"
bucket = "${aws_s3_bucket.foo.bucket}"
policy = "${data.aws_iam_policy_document.foo_policy.json}"
}
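
Review bot: `aws_s3_bucket.foo` is referenced in `resources` and again in `aws_s3_bucket_policy.bar`, but this file declares no `aws_s3_bucket` resource, so the fixture is not a self-consistent configuration and is only usable as input to static scanning. Either declare the bucket or add a leading comment saying the file is a scan-only fixture. In the same statement, `principals = {` assigns a map where `aws_iam_policy_document` expects a nested `principals { ... }` block, and the quoted `provider = "aws.central"` and the "${...}" wrappers are pre-0.12 syntax; if the old syntax is intentional, a comment should say so. The statement also allows `s3:*` while the package test expects 'Failed checks: 0', so the fixture never shows checkov reporting a finding; adding one resource with a known failing check, and asserting on it, would make the test more meaningful.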