Unable to create Issue from Security Checks

[djdta]

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

The one thing that tfsec does not have is the ability to raise security issues on the repo once they have been found.

Describe the solution you'd like
A clear and concise description of what you want to happen.

When a security check has found some issue, I would like to right-click on that issue and create an issue on the repo

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Nope.

Additional context
Add any other context or screenshots about the feature request here.

[owenrumney]

Hey @djdta - this sounds a little intrusive on the part of tfsec. We'd have to dig into the .git folder to get the org and repo details. Then assuming there is a GITHUB_TOKEN on the environment of the executing machine we can create an issue on your behalf. I don't think that is something I would welcome a command-line tool doing.

One option you could consider, assuming you use GitHub Actions is to make use of the tfsec-pr-commenter-action which will comment on PRs when it sees issues (specifically created within the PRs commits)

Another possible option, the VSCode TFSEC Plugin could be updated to have a check generated from the explorer view of identified issues? Does that sound like something that would work for you?

[djdta]

@owenrumney Thanks for your reply.

For the cli i understand this will not be possible, but for the vs code plugin I think it would be a great feature to have.

djdta