Comments (4)
Hey @HariSekhon, that's a nice pattern! Thanks for sharing! :-)
from checkov-action.
Use skip-path
in .checkov.yaml
- see my Templates repo for a working example that I use to skip scanning sub-modules:
https://github.com/HariSekhon/Templates/blob/master/.checkov.yaml
from checkov-action.
Hey @HariSekhon , thanks for your suggestion. I was hoping to set skip-path
in the github action, instead of .checkov.yaml
.
Cheers
from checkov-action.
Yes I completely understand that - you should be able to do both.
What I find is beneficial with the .checkov.yaml
is that this use a single GitHub Actions reusable workflow across all repos, eg:
https://github.com/HariSekhon/GitHub-Actions/blob/master/.github/workflows/checkov.yaml
which can be imported in each repo with a few lines:
jobs:
checkov:
uses: HariSekhon/GitHub-Actions/.github/workflows/checkov.yaml@master
(eg. https://github.com/HariSekhon/Terraform/blob/master/.github/workflows/checkov.yaml)
but configure different settings in each repo's .checkov.yaml
, allowing for the greatest code reuse and settings flexibility combination.
from checkov-action.
Related Issues (20)
- 503 - Service Unavailable HOT 2
- Invalid URI when scanning Nginx based image HOT 1
- Cloning module issues for checkov action (IAC Scan issues) HOT 2
- Checkov-action started failing after the recent update in the docker image HOT 3
- Seeing An Issue Downloading External Terraform Modules HOT 4
- Add branch
- Add support of custom values.yaml
- Checkov severity levels appear in Code Scanning Filter HOT 1
- Adding Checkov in Github Actions HOT 4
- Checkov adopting root permissions in Github Actions Runs when creating results folder, cannot clean itself up afterwards HOT 1
- In download external modules defaults to git clone ssh url. how to change it to use https url HOT 3
- Checkov GitHub Action Reports SKIPPED Findings as Warnings HOT 3
- Missing '--skip-framework' parameter HOT 1
- Sarif output does not reflect the enrichment (Terraform plan with --repo-root-for-plan-enrichment) HOT 1
- Missing option of setting prisma-api-url / PRISMA_API_URL HOT 2
- Add --skip-results-upload to Git Actions HOT 1
- Error on 3.1.2 container startup HOT 4
- Write failures as comments in PRs HOT 1
- Replace the 'tfc_token' input with 'tf_registry_token' HOT 1
- Add annotations to files in github pr HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from checkov-action.