You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was trying something out-of-box.
I integrated other thirdparty security tools as well (like shiftleft, codecov) into my workflows, in which all my issues flows into security tab(ideally code scanning alerts tab.
Now my question is why is PolicyAsCode is not taking those critical issues identified by third party for violation.
I see only codeql issues critical is blocked and not third party tools critical is blocked.( I mean they are counted as violation).
Kindly let us know solution for this, we are in mid and stuck on this implementation.
Thanks in advance.Appreciate your efforts in bringing up great action.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
HI @GeekMasher and @Pradoxzon ..
I was trying something out-of-box.
I integrated other thirdparty security tools as well (like shiftleft, codecov) into my workflows, in which all my issues flows into security tab(ideally code scanning alerts tab.
Now my question is why is PolicyAsCode is not taking those critical issues identified by third party for violation.
I see only codeql issues critical is blocked and not third party tools critical is blocked.( I mean they are counted as violation).
Kindly let us know solution for this, we are in mid and stuck on this implementation.
Thanks in advance.Appreciate your efforts in bringing up great action.
Beta Was this translation helpful? Give feedback.
All reactions