mirror of
https://github.com/super-linter/super-linter.git
synced 2024-12-22 20:52:12 -05:00
d74351fda7
Checkov needs the kustomize binary to enable related checks, otherwise these checks are silently skipped. Ref https://www.checkov.io/7.Scan%20Examples/Kustomize.html
22 lines
947 B
YAML
22 lines
947 B
YAML
---
|
|
# Options reference: https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html
|
|
|
|
directory:
|
|
- test/linters/checkov/good
|
|
|
|
quiet: false
|
|
|
|
skip-framework:
|
|
# The Kubernetes framework because it doesn't run Kustomize before running the
|
|
# scan, as expected. There's the Kustomize framework for that.
|
|
# If we don't skip the Kubernetes framework, Checkov reports issues against
|
|
# Kubernetes descriptors that we handle with Kustomize. For example, we set
|
|
# a non-default Kubernetes Namespace using Kustomize.
|
|
# Checkov doesn't currently support skipping checks only for a given set of
|
|
# frameworks, and the Kubernetes framework runs the same checks that the Helm
|
|
# and the Kustomize frameworks run. So, we skip the Kubernetes framework when
|
|
# running test cases. In case we need to implement new Kubernetes test cases,
|
|
# we have to do that as part of the test Helm chart or the test Kustomize
|
|
# "package".
|
|
- kubernetes
|
|
...
|