checkov-scan

This repository demonstrates how to leverage the checkov-action to scan container images inside a cicd pipeline.

Setup

Configure the secrets PC_ACCESS_KEY, PC_SECRET_KEY in Github as well as PRISMA_API_URL as a variable ( e.g. 'https://api.eu.prismacloud.io' )

CLI Way

Instead of the github action the checkov cli can be leveraged

checkov --branch main --repo-id BusinessAsUsualEnterprise/checkov-scan --docker-image demo:latest --dockerfile-path Dockerfile  --output cli --output sarif --output-file-path console,results.sarif --use-enforcement-rules

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
.github/workflows		.github/workflows
Dockerfile		Dockerfile
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

checkov-scan

Setup

CLI Way

About

Releases

Packages

Languages

BusinessAsUsualEnterprise/checkov-scan

Folders and files

Latest commit

History

Repository files navigation

checkov-scan

Setup

CLI Way

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages