Skip to content

Commit

Permalink
Merge branch 'main' into remove-sast-JS-integ-test
Browse files Browse the repository at this point in the history
  • Loading branch information
@pazbechor
pazbechor authored Oct 29, 2023
2 parents 8d4cc50 + a9807ec commit 2405b66
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 6 deletions.
16 changes: 15 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,20 @@
# CHANGELOG

## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.0.7...HEAD)
## [Unreleased](https://github.com/bridgecrewio/checkov/compare/3.0.12...HEAD)

## [3.0.12](https://github.com/bridgecrewio/checkov/compare/3.0.7...3.0.12) - 2023-10-26

### Bug Fix

- **general:** Fix sast & cdk integration tests - [#5688](https://github.com/bridgecrewio/checkov/pull/5688)
- **sast:** Adding exit code in sast integration test - [#5690](https://github.com/bridgecrewio/checkov/pull/5690)
- **sast:** adjust SAST file pattern search - [#5694](https://github.com/bridgecrewio/checkov/pull/5694)
- **sast:** fix sast reachability report format - [#5686](https://github.com/bridgecrewio/checkov/pull/5686)
- **terraform:** Fixing the typo within the name of the Terraform check CKV_AZURE_158 - [#5696](https://github.com/bridgecrewio/checkov/pull/5696)

### Platform

- **general:** Do not crash the run if S3 integration fails during setup, upload, or finalize - [#5691](https://github.com/bridgecrewio/checkov/pull/5691)

## [3.0.7](https://github.com/bridgecrewio/checkov/compare/3.0.4...3.0.7) - 2023-10-25

Expand Down
2 changes: 1 addition & 1 deletion checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@

class DatabricksWorkspaceIsNotPublic(BaseResourceNegativeValueCheck):
def __init__(self):
name = "Ensure that databricks workspace has not public"
name = "Ensure that databricks workspace is not public"
id = "CKV_AZURE_158"
supported_resources = ['azurerm_databricks_workspace']
categories = [CheckCategories.NETWORKING]
Expand Down
2 changes: 1 addition & 1 deletion checkov/version.py
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
version = '3.0.11'
version = '3.0.12'
2 changes: 1 addition & 1 deletion docs/5.Policy Index/all.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1898,7 +1898,7 @@ nav_order: 1
| 1887 | CKV_AZURE_155 | resource | azurerm_app_service_slot | Ensure debugging is disabled for the App service slot | Terraform | [AppServiceSlotDebugDisabled.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/AppServiceSlotDebugDisabled.py) |
| 1888 | CKV_AZURE_156 | resource | azurerm_mssql_database_extended_auditing_policy | Ensure default Auditing policy for a SQL Server is configured to capture and retain the activity logs | Terraform | [MSSQLServerAuditPolicyLogMonitor.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/MSSQLServerAuditPolicyLogMonitor.py) |
| 1889 | CKV_AZURE_157 | resource | azurerm_synapse_workspace | Ensure that Synapse workspace has data_exfiltration_protection_enabled | Terraform | [SynapseWorkspaceEnablesDataExfilProtection.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/SynapseWorkspaceEnablesDataExfilProtection.py) |
| 1890 | CKV_AZURE_158 | resource | azurerm_databricks_workspace | Ensure that databricks workspace has not public | Terraform | [DatabricksWorkspaceIsNotPublic.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py) |
| 1890 | CKV_AZURE_158 | resource | azurerm_databricks_workspace | Ensure that databricks workspace is not public | Terraform | [DatabricksWorkspaceIsNotPublic.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py) |
| 1891 | CKV_AZURE_159 | resource | azurerm_function_app | Ensure function app builtin logging is enabled | Terraform | [FunctionAppEnableLogging.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/FunctionAppEnableLogging.py) |
| 1892 | CKV_AZURE_159 | resource | azurerm_function_app_slot | Ensure function app builtin logging is enabled | Terraform | [FunctionAppEnableLogging.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/FunctionAppEnableLogging.py) |
| 1893 | CKV_AZURE_160 | resource | Microsoft.Network/networkSecurityGroups | Ensure that HTTP (port 80) access is restricted from the internet | arm | [NSGRuleHTTPAccessRestricted.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/arm/checks/resource/NSGRuleHTTPAccessRestricted.py) |
Expand Down
2 changes: 1 addition & 1 deletion docs/5.Policy Index/terraform.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1406,7 +1406,7 @@ nav_order: 1
| 1395 | CKV_AZURE_155 | resource | azurerm_app_service_slot | Ensure debugging is disabled for the App service slot | Terraform | [AppServiceSlotDebugDisabled.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/AppServiceSlotDebugDisabled.py) |
| 1396 | CKV_AZURE_156 | resource | azurerm_mssql_database_extended_auditing_policy | Ensure default Auditing policy for a SQL Server is configured to capture and retain the activity logs | Terraform | [MSSQLServerAuditPolicyLogMonitor.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/MSSQLServerAuditPolicyLogMonitor.py) |
| 1397 | CKV_AZURE_157 | resource | azurerm_synapse_workspace | Ensure that Synapse workspace has data_exfiltration_protection_enabled | Terraform | [SynapseWorkspaceEnablesDataExfilProtection.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/SynapseWorkspaceEnablesDataExfilProtection.py) |
| 1398 | CKV_AZURE_158 | resource | azurerm_databricks_workspace | Ensure that databricks workspace has not public | Terraform | [DatabricksWorkspaceIsNotPublic.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py) |
| 1398 | CKV_AZURE_158 | resource | azurerm_databricks_workspace | Ensure that databricks workspace is not public | Terraform | [DatabricksWorkspaceIsNotPublic.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/DatabricksWorkspaceIsNotPublic.py) |
| 1399 | CKV_AZURE_159 | resource | azurerm_function_app | Ensure function app builtin logging is enabled | Terraform | [FunctionAppEnableLogging.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/FunctionAppEnableLogging.py) |
| 1400 | CKV_AZURE_159 | resource | azurerm_function_app_slot | Ensure function app builtin logging is enabled | Terraform | [FunctionAppEnableLogging.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/FunctionAppEnableLogging.py) |
| 1401 | CKV_AZURE_160 | resource | azurerm_network_security_group | Ensure that HTTP (port 80) access is restricted from the internet | Terraform | [NSGRuleHTTPAccessRestricted.py](https://github.com/bridgecrewio/checkov/blob/main/checkov/terraform/checks/resource/azure/NSGRuleHTTPAccessRestricted.py) |
Expand Down
2 changes: 1 addition & 1 deletion kubernetes/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
checkov==3.0.11
checkov==3.0.12

0 comments on commit 2405b66

Please sign in to comment.