This repository demonstrates how to leverage the checkov-action to scan container images inside a cicd pipeline.
Configure the secrets PC_ACCESS_KEY, PC_SECRET_KEY in Github as well as PRISMA_API_URL as a variable ( e.g. 'https://api.eu.prismacloud.io' )
Instead of the github action the checkov cli can be leveraged
checkov --branch main --repo-id BusinessAsUsualEnterprise/checkov-scan --docker-image demo:latest --dockerfile-path Dockerfile --output cli --output sarif --output-file-path console,results.sarif --use-enforcement-rules