From 927f669ec2611c82adb1e194b90137f42732b0eb Mon Sep 17 00:00:00 2001 From: Simon Baird Date: Tue, 25 Jun 2024 12:15:54 -0400 Subject: [PATCH] Make ecosytem preflight failures non-blocking I'm not sure about the pros and cons of this, but there are several teams who get surprised by this failure and want to exclude it. Because the task itself it not included in the required task lists, removing it entirely from the pipeline gets EC to pass. So for that reason I'm assuming it's acceptable to make it non-blocking. (The downside is that it's going to be much easier to ignore any failures produced by this test.) --- data/rule_data.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/data/rule_data.yml b/data/rule_data.yml index 9833501..b3c9add 100644 --- a/data/rule_data.yml +++ b/data/rule_data.yml @@ -115,6 +115,7 @@ rule_data: informative_tests: - sast-snyk-check - sast-snyk-check-oci-ta + - ecosystem-cert-preflight-checks disallowed_packages: # Disallow hashicorp packages with restrictive licenses.