package spacelift
# This import is required for Rego v0 compatibility and can be removed if you are only using Rego v1.
import rego.v1
# This policy emits a warning that reports the number of info, low and medium
# severity issues, and denies any run that has a high severity issue.
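# Report the KICS finding counts for the non-blocking severities. The rule
# yields a warning only when the INFO, LOW and MEDIUM counters are all present
# in the custom KICS metadata; the counts are reported even when they are zero.
warn contains summary if {
	counters := input.third_party_metadata.custom.kics.severity_counters
	counts := [counters.INFO, counters.LOW, counters.MEDIUM]
	summary := sprintf("You have: %d info issues, %d low issues, %d medium issues", counts)
}

# Surface a missing scan result. When the run input carries no KICS severity
# counters, the summary rule above is undefined, so without this warning a scan
# that never ran or never uploaded its results looks the same as a clean scan.
warn contains "KICS severity counters are missing from the run input; the scan results were not evaluated" if {
	not input.third_party_metadata.custom.kics.severity_counters
}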
# Block the run when the KICS HIGH severity counter is above the threshold.
# With the threshold fixed at 0, a single high severity finding denies the run.
# If the counter is absent from the input, this rule is undefined and nothing
# is denied.
# NOTE(review): only the HIGH counter is read here. If the KICS version in use
# reports a severity above HIGH (e.g. a CRITICAL counter; confirm against your
# scanner output), this rule does not evaluate it.
deny contains reason if {
	threshold := 0
	high_count := input.third_party_metadata.custom.kics.severity_counters.HIGH
	high_count > threshold
	reason := sprintf("The number of violated policies %d is higher than the threshold %d", [high_count, threshold])
}
# `sample` is set to true unconditionally, so every evaluation of this policy
# is marked for sampling.
# NOTE(review): sampled evaluations presumably retain the policy input for
# later inspection. Confirm who can view them before attaching this policy to
# stacks whose run metadata is sensitive.
# Learn more about sampling policy evaluations here:
# https://docs.spacelift.io/concepts/policy#sampling-policy-inputs
sample := true
# Learn more about how to integrate custom inputs here:
# https://spacelift.io/blog/integrating-security-tools-with-spacelift