PlatformResourcesSign inSign Up

Ensure GitHub repository webhooks use HTTPs

Error: GitHub repository webhooks do not use HTTPs
Bridgecrew Policy ID: BC_REPO_GITHUB_3 or BC_REPO_GITHUB_TF_1
Checkov Check ID: CKV_GITHUB_7 or CKV_GIT_2
Severity: MEDIUM

Suggest Edits

GitHub repository webhooks do not use HTTPs

Description

Webhooks can be configured to use endpoints of your choosing, including whether TLS is enabled or not. Ensure you are using a webhook endpoint with encryption by using a standard HTTPS URL.

Fix - Buildtime

Terraform

  • Resource: github_repository_webhook
  • Attribute: insecure_ssl
resource "github_repository_webhook" "foo" {
...
  configuration {
-    url          = "http://google.com/"
+    url          = "https://google.com/"
-    insecure_ssl = false
+    insecure_ssl = false
  }

}

Updated 10 months ago