lint/.github/linters/.checkov.yaml
Marco Ferrari d74351fda7
feat: add the kustomize binary for checkov (#5763)
Checkov needs the kustomize binary to enable related checks, otherwise
these checks are silently skipped.

Ref https://www.checkov.io/7.Scan%20Examples/Kustomize.html
2024-06-27 19:03:16 +02:00

31 lines
1,002 B
YAML

---
# Options reference: https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html
# Establish a baseline so we don't have to fix these issues at the same time
# as we ship Checkov with super-linter.
baseline: .github/linters/.checkov.baseline
# Report skipped baseline checks in the output
output-baseline-as-skipped: true
# Don't report passed checks in output
quiet: true
# The tests directory contains files that we need for test cases that are
# expected to fail. Checkov would catch those issues, so we exclude the tests
# directory.
skip-path:
- test/linters/ansible
- test/linters/arm
# We can't exclude just test/linters/checkov/bad because of
# https://github.com/bridgecrewio/checkov/issues/6468
- test/linters/checkov
- test/linters/dockerfile_hadolint
- test/linters/jscpd
- test/linters/json
- test/linters/kubernetes_kubeconform
- test/linters/openapi
- test/linters/terraform_fmt
- test/linters/terraform_tflint
- test/linters/terraform_terrascan
...