Fix #102 (#103)

cloudyspells · Jan 11, 2024 · e609897 · e609897
1 parent c651b86
commit e609897
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/src/PSRule.Rules.AzureDevOps/rules/AzureDevOps.Repo.Branches.Rule.ps1 b/src/PSRule.Rules.AzureDevOps/rules/AzureDevOps.Repo.Branches.Rule.ps1
@@ -24,11 +24,10 @@ Rule 'Azure.DevOps.Repos.Branch.BranchPolicyIsEnabled' `
         Reason 'The default branch does not have its branch policy enabled.'
         Recommend 'Protect your main branch with a branch policy.'
         # Links: https://learn.microsoft.com/en-us/azure/devops/organizations/security/security-best-practices?view=azure-devops#secure-azure-repos
-        $Assert.HasField(($TargetObject.BranchPolicy | Where-Object { $_.type.id -eq 'fa4e907d-c16b-4a4c-9dfa-4906e5d171dd'}), "isEnabled", $true)
-        $Assert.HasFieldValue(($TargetObject.BranchPolicy | Where-Object { $_.type.id -eq 'fa4e907d-c16b-4a4c-9dfa-4906e5d171dd'}), "isEnabled", $true)
+        $Assert.HasField(($TargetObject.BranchPolicy | Where-Object { $_.isEnabled } | Select-Object -First 1), "isEnabled", $true)
+        $Assert.HasFieldValue(($TargetObject.BranchPolicy | Where-Object { $_.isEnabled } | Select-Object -First 1), "isEnabled", $true)
 }
 
-
 # Synopsis: The branch policy should require a minimum number of reviewers
 Rule 'Azure.DevOps.Repos.Branch.BranchPolicyMinimumReviewers' `
     -Ref 'ADO-RB-002' `

diff --git a/src/PSRule.Rules.AzureDevOps/rules/AzureDevOps.Repos.Rule.ps1 b/src/PSRule.Rules.AzureDevOps/rules/AzureDevOps.Repos.Rule.ps1
@@ -24,8 +24,8 @@ Rule 'Azure.DevOps.Repos.DefaultBranchPolicyIsEnabled' `
         Reason 'The default branch does not have its branch policy enabled.'
         Recommend 'Protect your main branch with a branch policy.'
         # Links: https://learn.microsoft.com/en-us/azure/devops/organizations/security/security-best-practices?view=azure-devops#secure-azure-repos
-        $Assert.HasField(($TargetObject.MainBranchPolicy | Where-Object { $_.type.id -eq 'fa4e907d-c16b-4a4c-9dfa-4906e5d171dd'}), "isEnabled", $true)
-        $Assert.HasFieldValue(($TargetObject.MainBranchPolicy | Where-Object { $_.type.id -eq 'fa4e907d-c16b-4a4c-9dfa-4906e5d171dd'}), "isEnabled", $true)
+        $Assert.HasField(($TargetObject.MainBranchPolicy | Where-Object { $_.isEnabled } | Select-Object -First 1), "isEnabled", $true)
+        $Assert.HasFieldValue(($TargetObject.MainBranchPolicy | Where-Object { $_.isEnabled } | Select-Object -First 1), "isEnabled", $true)
 }