-
Notifications
You must be signed in to change notification settings - Fork 37
/
.checkov.yaml
59 lines (56 loc) · 1.66 KB
/
.checkov.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#
# Author: Hari Sekhon
# Date: 2022-02-21 16:53:29 +0000 (Mon, 21 Feb 2022)
#
# vim:ts=2:sts=2:sw=2:et
#
# https://github.com/HariSekhon/Templates
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
# ============================================================================ #
# C h e c k o v c o n f i g
# ============================================================================ #
# https://github.com/bridgecrewio/checkov#configuration-using-a-config-file
#
# This is not well documented but the fields seem to be the same as:
#
# checkov --help
---
#branch: master
#check:
# - CKV_DOCKER_1
compact: true
directory:
- .
skip-path:
- jenkins
- github-actions
- kubernetes-templates
- terraform-templates
#docker-image: harisekhon/bash-tools
#dockerfile-path: Dockerfile
download-external-modules: true # without this gets lots of annoying warning lines such as '2022-02-22 16:14:40,180 [MainThread ] [WARNI] Failed to download module x/y/z:n.n.n'
#evaluate-variables: true
#external-checks-dir:
# - sample-dir
#external-modules-download-path: .external_modules
framework:
- all
no-guide: true
output: cli
quiet: true
#repo-id: HariSekhon/DevOps-Bash-tools # what to report to Bridgecrew Cloud - without this gets annoying duplicate repos such as 'harisekhon_cli_repo/bash-tools'
#skip-check:
# - CKV_DOCKER_3
# - CKV_DOCKER_2
#skip-fixes: true
#skip-framework:
# - dockerfile
# - secrets
skip-suppressions: true
soft-fail: true