From 9c2b5991d81b3a8206021679b2f06bd40d0ca85d Mon Sep 17 00:00:00 2001
From: ShiftLeft
Date: Fri, 16 Aug 2024 10:04:54 -0700
Subject: [PATCH] adding ShiftLeft build rules
---
shiftleft.yml | 23 +++++++++++++----------
1 file changed, 13 insertions(+), 10 deletions(-)
diff --git a/shiftleft.yml b/shiftleft.yml
index 220d4baf4..820144af2 100644
--- a/shiftleft.yml
+++ b/shiftleft.yml
@@ -1,12 +1,15 @@
+version: 2
 build_rules:
- - id: allow-zero-findings
+ - id: Allow no critical findings
+ severities:
+ - critical
+ - id: Allow one OSS or container finding
 finding_types:
- - vuln
- - secret
- - insight
- - "*"
- severity:
- - SEVERITY_MEDIUM_IMPACT
- - SEVERITY_HIGH_IMPACT
- - SEVERITY_LOW_IMPACT
- threshold: 0
\ No newline at end of file
+ - oss_vuln
+ - container
+ threshold: 1
+ - id: Allow no reachable OSS vulnerability
+ finding_types:
+ - oss_vuln
+ options:
+ reachable: true
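Review bot: The new rule set gates much less than the rule it replaces: the removed `allow-zero-findings` rule failed the build on any `vuln`, `secret` or `insight` finding at low, medium or high impact, while the new rules fail only on critical findings, on a second `oss_vuln`/`container` finding, or on a reachable `oss_vuln`. A committed secret or a non-critical first-party vulnerability would therefore appear to pass the gate unless the scanner rates it critical; if that is not intended, keep a zero-tolerance rule for those types, for example an entry with `finding_types: [secret]` and `threshold: 0`. The first and third rules also omit `threshold`, so their "allow no" meaning rests on the tool's default; writing `threshold: 0` on both makes the gate explicit and keeps it stable if that default ever changes. The commit subject says only "adding" rules, so the relaxation is worth stating in the description for whoever audits this pipeline later.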