Ensure GitHub repository webhooks use HTTPs
Error: GitHub repository webhooks do not use HTTPs
Bridgecrew Policy ID: BC_REPO_GITHUB_3 or BC_REPO_GITHUB_TF_1
Checkov Check ID: CKV_GITHUB_7 or CKV_GIT_2
Severity: MEDIUM
GitHub repository webhooks do not use HTTPs
Description
Webhooks can be configured to use endpoints of your choosing, including whether TLS is enabled or not. Ensure you are using a webhook endpoint with encryption by using a standard HTTPS URL.
Fix - Buildtime
Terraform
- Resource: github_repository_webhook
- Attribute: insecure_ssl
resource "github_repository_webhook" "foo" {
...
configuration {
- url = "http://google.com/"
+ url = "https://google.com/"
- insecure_ssl = false
+ insecure_ssl = false
}
}
Updated 10 months ago