Changes to update-rules workflow
bensonce committed May 24, 2024
1 parent 4d2ff5e commit 44ed66d
Showing 3 changed files with 5 additions and 3 deletions.
4 changes: 3 additions & 1 deletion .github/workflows/update-rules.yaml
Expand Up @@ -60,11 +60,13 @@ jobs:

- name: Create Pull Request
uses: peter-evans/create-pull-request@v6
if: ${{ steps.changed-files.outputs.any_changed == 'true' }}
with:
token: ${{ secrets.GITHUB_TOKEN }}
base: main
branch: auto-update-aws-config-rules
add-paths: |
managed_rules_locals.tf
managed_rules_variables.tf
commit-message: Automatic updates to AWS managed Config Rules
delete-branch: true
title: '[Auto] Update AWS Config Rules'
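
Review bot: on the `uses:` line, `peter-evans/create-pull-request@v6` is a mutable tag, and this step passes it `secrets.GITHUB_TOKEN`. Pin the action to a full commit SHA (keeping `# v6` as a trailing comment) so a retagged release cannot change what runs with that token. It is also worth confirming that a step with id `changed-files` exists earlier in the job: the `if:` condition compares its `any_changed` output to `'true'`, and a missing step id evaluates to an empty value, so the PR step would be skipped without any error.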
2 changes: 1 addition & 1 deletion scripts/index.py
Expand Up @@ -53,7 +53,7 @@
rule = AwsConfigRule(data=rule_data)
for control in controls:
if rule.name == control['rule']:
logging.info(f"Updating rule '{rule.name}' severity to Security Hub recommended level '{control['severity']}'")
logging.info(f"Updating {rule.name} severity -> {control['severity']}")
rule.set_severity_level(control['severity'])
break
rules.append(rule)
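
Review bot: the shorter `logging.info` message drops the quotes around `rule.name` and no longer says the level is the Security Hub recommendation, which makes the line harder to grep and to interpret when a name contains spaces or is empty. Both `logging.info` variants also build the message with an f-string, so the values are interpolated even when INFO is disabled. Consider passing them as arguments, for example `logging.info("Updating %r severity -> %r (Security Hub)", rule.name, control['severity'])`, which keeps the delimiters and defers formatting to the logger.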
2 changes: 1 addition & 1 deletion scripts/lib/aws_docs_reader.py
Expand Up @@ -290,7 +290,7 @@ def parse_security_hub_docs(controls_userguide_root: str, controls_ref_page: str
logging.info(f"Parsing ({counter}/{controls_length})")
security_hub_control = SecurityHubControl(soup=control)
if security_hub_control.no_rule_configured:
logging.error(f"Control {control.string} has no AWS Config Rule configured. Skipping")
logging.warning(f"Control {control.string} has no AWS Config Rule configured. Skipping")
counter += 1
continue
if not security_hub_control.severity or not security_hub_control.rule:
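
Review bot: in the `no_rule_configured` branch, logging the skip at warning level is reasonable for a single control, but nothing in these lines tracks how many controls were skipped, so a docs layout change that makes many controls look unconfigured would only show up as scattered warnings. Count the skips and log a summary after the loop (or fail above a threshold) so the automated run surfaces it. Separately, if `control` is a BeautifulSoup tag, as `SecurityHubControl(soup=control)` suggests, `control.string` is `None` when the tag has more than one child, and the message would read "Control None"; `control.get_text(strip=True)` would be a safer identifier.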