Provide a directly actionable solution whenever possible as part of the remediation #34

rgreinho · 2022-06-27T14:45:23Z

When a check fails, it is most of the time possible to fix it using the GitHub API.

For example, the number of reviewers required can be updated with one REST request:

curl -s \
  -X PATCH \
  -H "Accept: application/vnd.github.v3+json" \
  -H "Authorization: token $GITHUB_TOKEN" \
  https://api.github.com/repos/buildsec/frsca/branches/main/protection/required_pull_request_reviews \
  -d '{"required_approving_review_count":2}'

Attaching this snippet to the remediation explanation (https://avd.aquasec.com/compliance/softwaresupplychain/cis-1.0/cis-1.0-sourcecode/1.1) would help the end users to resolve the issue.

morwn · 2022-07-18T11:39:20Z

Hi @rgreinho,
Nice suggestion, we plan to add support for adding dynamic remediation instructions soon.

@naortalmor1 - FYI

rgreinho changed the title ~~Provide an directly actionable solutions whenever possible as part of the remediation~~ Provide a directly actionable solutions whenever possible as part of the remediation Jun 27, 2022

morwn added the enhancement New feature or request label Jun 28, 2022

rgreinho changed the title ~~Provide a directly actionable solutions whenever possible as part of the remediation~~ Provide a directly actionable solution whenever possible as part of the remediation Jun 29, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Provide a directly actionable solution whenever possible as part of the remediation #34

Provide a directly actionable solution whenever possible as part of the remediation #34

rgreinho commented Jun 27, 2022

morwn commented Jul 18, 2022

Provide a directly actionable solution whenever possible as part of the remediation #34

Provide a directly actionable solution whenever possible as part of the remediation #34

Comments

rgreinho commented Jun 27, 2022

morwn commented Jul 18, 2022