bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
https://www.checkov.io/
Apache License 2.0

feat(arm): ARM FunctionAppHttpVersionLatest policy #6244

Closed RachelBorzi closed 3 months ago

RachelBorzi commented 3 months ago

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

Added new policies for - FunctionAppHttpVersionLatest - CKV_AZURE_67 and AppServiceDisallowCORS - CKV_AZURE_57

Description

I added a test that checks whether a value with a value of true is found under a certain field

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

RachelBorzi commented 3 months ago

I'll take care of that, thanks.

On Wed, 8 May 2024 at 12:07, Taylor @.*** wrote:

@.**** approved this pull request.

Looks good! One suggestion

In checkov/arm/checks/resource/FunctionAppHttpVersionLatest.py https://github.com/bridgecrewio/checkov/pull/6244#discussion_r1593692153 :

@@ -0,0 +1,22 @@ +from checkov.arm.base_resource_value_check import BaseResourceValueCheck +from checkov.common.models.enums import CheckCategories + + +class FunctionAppHttpVersionLatest(BaseResourceValueCheck): +

  • def init(self) -> None:
  • name = "Ensure that 'HTTP Version' is the latest, if used to run the Function app"
  • id = "CKV_AZURE_67"
  • supported_resources = ("Microsoft.Web/sites/slots",)
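
Review bot: supported_resources in init lists only "Microsoft.Web/sites/slots", so CKV_AZURE_67 is never evaluated against a Function App declared as a top-level Microsoft.Web/sites resource, and such a template yields no finding for this check either way. Consider registering both types, for example supported_resources = ("Microsoft.Web/sites/slots", "Microsoft.Web/sites"), and extending the unit test with a passing and a failing example template for each resource type so the expected passed and failed resource lists cover sites as well as slots. In the visible lines the class also has no docstring or comment naming the template field it inspects; a one-line note there would help anyone triaging a finding.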

⬇️ Suggested change

  • supported_resources = ("Microsoft.Web/sites/slots",)
  • supported_resources = ("Microsoft.Web/sites/slots", "Microsoft.Web/sites")

Sites can also have this set: https://learn.microsoft.com/en-us/azure/templates/microsoft.web/sites?pivots=deployment-language-arm-template#siteconfig-1

Can you add a UT for this?
