turbot/github_compliance

Query: default_branch_protections_apply_to_admins

Usage

powerpipe query github_compliance.query.default_branch_protections_apply_to_admins

Steampipe Tables

SQL

select
-- Required Columns
url as resource,
case
when (default_branch_ref -> 'branch_protection_rule') is null then 'info'
when (default_branch_ref -> 'branch_protection_rule' ->> 'is_admin_enforced') = 'true' then 'ok'
else 'alarm'
end as status,
name_with_owner || ' default branch ' || (default_branch_ref ->> 'name') ||
case
when (default_branch_ref -> 'branch_protection_rule' ->> 'is_admin_enforced') = 'true' then ' protections apply to admins.'
when (default_branch_ref -> 'branch_protection_rule' ->> 'is_admin_enforced') = 'false' then ' protections do not apply to admins.'
-- If not false or true, then null, which means no branch protection rule exists
else ' branch protection rule unknown.'
end as reason,
-- Additional Dimensions
name_with_owner
from
github_my_repository;

Controls

The query is being used by the following controls: