+checkov.io (#4310)
* new file: projects/checkov.io/package.yml new file: projects/checkov.io/test.tf * modified: projects/checkov.io/package.yml modified: projects/checkov.io/test.tf * . * modified: projects/checkov.io/package.yml modified: projects/checkov.io/test.tf * let's try hardcoded version * -Wno-int-conversion * try github query again * use /tags? error makes no sense: ``` error: Uncaught (in promise) Error: http: https://api.github.com/repos/bridgecrewio/checkov/releases?per_page=100&page=1 if (!rsp.ok) throw new Error(`http: ${url}`) ^ at GET2 (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:35:22) at eventLoopTick (ext:core/01_core.js:178:11) at async getVersionsLong (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:57:27) at async Object.getVersions (file:///opt/pkgx.sh/brewkit/v0/lib/useGitHubAPI.ts:42:34) at async handleAPIResponse (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.getVersions.ts:176:50) at async _parse (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.getVersions.ts:34:19) at async Object.resolve (file:///opt/pkgx.sh/brewkit/v0/lib/usePantry.ts:39:20) at async file:///opt/pkgx.sh/brewkit/v0/libexec/resolve.ts:15:15 ``` * it's like GITHUB_TOKEN has failed... * let's cheat a little * parse version from pypi.org --------- Co-authored-by: Jacob Heider <jacob@pkgx.dev>
parent
b8985b677f
commit
ea56add719
2 changed files with 53 additions and 0 deletions
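--- a/projects/checkov.io/package.yml
+++ b/projects/checkov.io/package.yml
@@ -0,0 +1,23 @@
+distributable:
+url: https://github.com/bridgecrewio/checkov/archive/refs/tags/{{version}}.tar.gz
+strip-components: 1
+versions:
+url: https://pypi.org/project/checkov/#history
+match: /checkov\/\d+\.\d+\.\d+/
+strip: /^checkov\//
+dependencies:
+python.org: ^3.12
+build:
+script:
+- python-venv.sh {{prefix}}/bin/checkov
+env:
+linux:
+# error: incompatible pointer to integer conversion initializing 'int' with an expression of type 'void *'
+CFLAGS: -Wno-int-conversion
+provides:
+- bin/checkov
+test:
+- checkov --version | grep {{version}}
+- checkov -f test.tf > output.log
+- run: |
+cat output.log | grep 'Passed checks: 14, Failed checks: 0, Skipped checks: 0'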
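Review bot: The `versions` block takes release numbers from the PyPI history page while `distributable.url` downloads the GitHub tag archive, so the two sources are only assumed to agree; a release published on PyPI without a matching `refs/tags/{{version}}` tag fails at fetch time, and nothing in the recipe ties the tarball to the PyPI release it was discovered from. The commit message suggests this is a workaround for the failing GitHub API query, so a comment above `versions:` such as `# workaround: GitHub releases query fails in CI; versions scraped from PyPI, tarball still comes from GitHub tags` would stop the next maintainer from reading it as the intended design. The comment above `CFLAGS: -Wno-int-conversion` quotes the compiler error but not which native dependency raises it; naming the package lets the flag be dropped once the pointer-to-int conversion is fixed upstream instead of staying suppressed indefinitely. In the test, `grep {{version}}` treats the dots as regex wildcards; `grep -F {{version}}` matches the version literally.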
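--- a/projects/checkov.io/test.tf
+++ b/projects/checkov.io/test.tf
@@ -0,0 +1,30 @@
+provider "aws" {
+region = "eu-west-1"
+}
+
+provider "aws" {
+alias = "central"
+region = "eu-central-1"
+}
+
+data "aws_iam_policy_document" "foo_policy" {
+statement {
+effect = "Allow"
+principals = {
+type = "Service"
+identifiers = ["ec2.amazonaws.com"]
+}
+actions = [
+"s3:*"
+]
+resources = [
+"${aws_s3_bucket.foo.arn}"
+]
+}
+}
+
+resource "aws_s3_bucket_policy" "bar" {
+provider = "aws.central"
+bucket = "${aws_s3_bucket.foo.bucket}"
+policy = "${data.aws_iam_policy_document.foo_policy.json}"
+}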
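Review bot: `aws_s3_bucket.foo` is referenced by the `resources` entry and by `bucket` in `aws_s3_bucket_policy.bar` but is never declared in this file, and `principals = {` is written as an attribute rather than a block, so the fixture is not a self-contained Terraform configuration and the scan result presumably depends on how checkov handles unresolved references. The recipe's test expects this file to produce zero failed checks even though the statement allows `s3:*`, so the smoke test shows that checkov runs but not that it reports a finding. A header comment such as `# smoke-test fixture for the checkov package; not a recommended policy (allows s3:* to ec2.amazonaws.com)` would make that explicit. Adding a second resource with a known finding and asserting on its check ID rather than on the total `Passed checks: 14` count would also make the test less sensitive to upstream policy additions.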