New Providers: GitLab/Hub API #5446

mirisbowring · 2024-10-17T10:58:26Z

New feature motivation

In corporate environments, Git and CICD are defacto standard.
Especially GitLab and GitHub are the most used Services.
Often, there are specific compliance / governance rules that require e.g. multiple approvals for an feature request.

Solution Proposed

Having GitLab & GitHub available as providers, it would enable companies to check the projects repositories for compliance issues.

Checks could be:

Are multiple approvals configured for default / protected branches?
Is the main branch protected?
Are scanners configured? (Password, SAST, etc.)
Are there less then e.g. 3 Maintainers on the Repo?

Describe alternatives you've considered

There are some commercial tools that alter the gitlab api.

An OpenSource example is e.g. scorecard

Additional context

There are some details about CICD Security in general:

pedrooot · 2024-10-18T07:53:14Z

#5430

mirisbowring added feature-request New feature request for Prowler. status/needs-triage Issue pending triage labels Oct 17, 2024

pedrooot self-assigned this Oct 18, 2024

jfagoagas removed the status/needs-triage Issue pending triage label Nov 22, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

New Providers: GitLab/Hub API #5446

New Providers: GitLab/Hub API #5446

mirisbowring commented Oct 17, 2024

pedrooot commented Oct 18, 2024

New Providers: GitLab/Hub API #5446

New Providers: GitLab/Hub API #5446

Comments

mirisbowring commented Oct 17, 2024

New feature motivation

Solution Proposed

Describe alternatives you've considered

Additional context

pedrooot commented Oct 18, 2024