Check Certificate Validation Python-env-var

Description

The PYTHONHTTPSVERIFY environment variable is used in Python to control certificate verification when making HTTPS requests. This policy checks whether this environment variable is set to 0. By default, it is set to 1, which enables certificate verification.

Kyverno policy

Refer to the Nirmata curated policies - check-certificate-validation-python-env-var.

Resource example

Below is an example of a Dockerfile enforcing this policy.

FROM python:3.9

ENV PYTHONHTTPSVERIFY 1

WORKDIR /app

COPY . /app

CMD [ "echo", "Hello world" ]