DOS5765

Repository Environment - Should have a REST API URL

DOS5765

GitHub repository Severitylow builtIn

Description

Every GitHub environment exposes a REST API URL that infrastructure-as-code and CI/CD systems use to read or update environment configuration. A missing URL field indicates an environment that cannot be programmatically updated, which breaks GitOps and IaC reconciliation.

Learn More

Recommendation

1. Confirm that each environment is reachable via the REST endpoint /repos/{owner}/{repo}/environments/{environment_name}. 
2. Re-create environments missing a REST URL.

Policy Rule

{
  "target": "GHEnvironment",
  "if": {
    "allOf": [
      {
        "resource": "GHEnvironment",
        "property": "Url",
        "operator": "notEquals",
        "value": ""
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
« DOS5760 DOS5800 »
Rule Details
  • Rule ID: DOS5765
  • Code: GH_Repository_Environment_Should_Have_Url
  • Platform: GitHub
  • Category: repository
  • Severity: Severitylow
  • Type: builtIn
Related Rules

Copyright © DevOps Shield. All Rights Reserved. Privacy Policy | Cookie Policy | Terms and Conditions | v1.0.2