terraform_enterprise_sentinel_example.sentinel
import "http"
import "json"
import "tfrun"
# Policy overview: log in to Prisma Cloud, post metadata about the current
# Terraform run to the Terraform Enterprise webhook, print any violations the
# service reports, and pass only when the reported violation list is empty.

# Prisma Cloud credentials, supplied as policy parameters. Both values are
# placed in the JSON body of the login request below.
# NOTE(review): presumably these should be configured as sensitive parameters
# on the policy set so the secret key is not shown in plain text - confirm
# against the deployment.
param PRISMA_ACCESS_KEY
param PRISMA_SECRET_KEY

# Step 1 - exchange the key pair for a session token.
# NOTE(review): the host is hard-coded to api3.prismacloud.io here and in the
# webhook URL further down; a tenant on a different API host would need both
# URLs changed together.
credentials = json.marshal({
	"username": PRISMA_ACCESS_KEY,
	"password": PRISMA_SECRET_KEY,
})
login_request = http.request("https://api3.prismacloud.io/login")
login_request = login_request.with_body(credentials)
login_request = login_request.with_header("Content-Type", "application/json")
login_reply = http.post(login_request)
# The reply status is not inspected here; only the body is decoded.
# NOTE(review): this relies on the http import rejecting unexpected status
# codes so that a failed login errors the policy instead of continuing with
# no token - confirm.
session = json.unmarshal(login_reply.body)

# Step 2 - describe the run. Everything in this payload leaves Terraform
# Enterprise and is sent to the Prisma Cloud endpoint, including the run
# message and the commit SHA.
# NOTE(review): vcs_repo may not be populated for workspaces without a VCS
# connection - confirm how the two selectors below evaluate for such runs.
vcs_info = {
	"display_identifier": tfrun.workspace.vcs_repo.display_identifier,
	"branch":             tfrun.workspace.vcs_repo.branch,
}
workspace_info = {
	"id":       tfrun.workspace.id,
	"name":     tfrun.workspace.name,
	"vcs_repo": vcs_info,
}
run_info = {
	"id":         tfrun.id,
	"created_at": tfrun.created_at,
	"message":    tfrun.message,
	"commit_sha": tfrun.commit_sha,
}
payload = {
	"organization": tfrun.organization.name,
	"workspace":    workspace_info,
	"run":          run_info,
}

# Step 3 - submit the payload. The token from the login reply is sent
# verbatim as the Authorization header value.
scan_request = http.request("https://api3.prismacloud.io/code/api/v1/global/terraformEnterprise/webhook")
scan_request = scan_request.with_body(json.marshal(payload))
scan_request = scan_request.with_header("Authorization", session.token)
scan_reply = http.post(scan_request)
# Only the "data" member of the decoded reply is used from here on.
findings = json.unmarshal(scan_reply.body).data

# Step 4 - report. The title, resource id and violation id are printed
# exactly as the remote service returned them.
violation_count = length(findings.violations)
if violation_count > 0 {
	print("Violations:\n")
	for findings.violations as item {
		print(item.title)
		print("Resource: " + item.resource_id)
		print("Violation ID: " + item.violation_id)
		print("\n")
	}
}
print("More details: " + findings.details_url)

# Enforcement decision: the policy passes only when zero violations came back.
main = rule { violation_count < 1 }