You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Checkov fails to skip kustomize framework issues when annotations are added to the kustomization.yaml file *unless those annotations are added using invalid YAML
valid YAML, checkov skip ignored (i.e. checkov test fails):
metadata:
annotations:
checkov.io/skip1: CKV_K8S_14=using latest Image Tag for local development is easiest
invalid YAML (annotation not indented so annotations is not a valid YAML Object), checkov skip accepted (i.e. checkov test passes):
metadata:
annotations:
checkov.io/skip1: CKV_K8S_14=using latest Image Tag for local development is easiest
Examples
Given a kustomization.yaml like
resources:
- ../../baseimages:
- name: apinewName: apinewTag: latestmetadata:
annotations:
checkov.io/skip1: CKV_K8S_14=using latest Image Tag for local development is easiest
The checko test fails. Breaking the YAML and un-indenting the checkov.io/skip1 annotation allows the checkov test to pass.
Version (please complete the following information):
Checkov Version: 3.2.330
The text was updated successfully, but these errors were encountered:
Describe the issue
Checkov fails to skip
kustomize
framework issues when annotations are added to thekustomization.yaml
file *unless those annotations are added using invalid YAMLannotations
is not a valid YAML Object), checkov skip accepted (i.e. checkov test passes):Examples
Given a
kustomization.yaml
likeThe
checko
test fails. Breaking the YAML and un-indenting thecheckov.io/skip1
annotation allows thecheckov
test to pass.Version (please complete the following information):
The text was updated successfully, but these errors were encountered: