Sometimes it makes sense to store values in a manually curated YAML file in the root of a repository. This can be used, for example, to track the date that a component was last penetration tested, or the last time it’s README was reviewed for usefulness.
With Tech Insights, checks can be created to ensure that all components are being penetration tested and reviewed on a regular basis.
Before we can set up any new checks, we must first create a Data Source to represent the location of the file where this data is manually curated.
Create a file called production-readiness.yamlin the root of a repository and add the following contents to it:
lastPentestDate: 2022-11-13
lastPentestStatus: passed
lastPentestContact: pnorton
lastReadmeReviewDate: 2022-11-13
lastreadmeReviewScore: 4
Now visit /tech-insights/data-sources/add and set up a new Data Source to represent this file.
In the About section, fill in the following information.
| Field name | Value |
|---|---|
| Name | Production readiness YAML |
| Description | Parses the production-readiness.yaml file in the root of a repo |
In the Data Provider secion, fill in the following information.
| Field name | Value |
|---|---|
| Type | Component repository file |
| Update frequency | Every 12 hours |
| Location | production-readiness.yaml (note, support for checking multiple locations is coming) |
Next, select an Entity which you know has a production-readiness.yaml file in place and click the “VIEW” button. We will use this as a test case to extract facts.
In the Field extraction section, fill in the following information.
| Field name | Value |
|---|---|
| Data retention | Max items (1 item) |
| Parser | YAML |
| Fact Name (1) | Last pen test date |
| YAML (1) | $[0].lastPentestDate |
| Type (1) | DateTime |
| Fact Name (2) | Last pen test status |
| YAML (2) | $[0].lastPentestStatus |
| Type (2) | String |
| Fact Name (3) | Last README review date |
| YAML (3) | $[0].lastReadmeReviewDate |
| Type (3) | DateTime |
| Fact Name (4) | Last README review score |
| YAML (4) | $[0].lastReadmeReviewScore |
| Type (4) | Integer |
Click the “Check Facts” button to extract the facts from the test Entity and make sure they are extracted correctly.
Click the SAVE button to start running this Data Source against all components which have a production-readiness.yaml file.
Here’s a video of me creating this data source:
https://www.loom.com/share/bdf1f322baed47e59178bfaab4bcd0a8
To ensure that components are pen-tested regulary enough, we can create a check with the following attributes: