Skip to content
This repository has been archived by the owner on Jan 16, 2024. It is now read-only.
/ docker-pipeline-checkov Public archive

Quantum vulnerability management instrumentation for Checkov code analysis pipeline jobs.

License

Apache-2.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

quantum-sec/docker-pipeline-checkov

BranchesTags

Repository files navigation

Managed Security Platform Infrastructure by Quantum

docker-pipeline-checkov

Build Status License quantumsec/docker-pipeline-checkov Maintained by quantum.security

This repository contains the container runtime environment for using Quantum's ci-analysis-collector utility with Checkov.

Usage

docker pull quantumsec/docker-pipeline-checkov

docker run \
  -e QS_API_TOKEN \
  -v "$PWD":"/workspace":ro \
  quantumsec/docker-pipeline-checkov \
  npx --yes --package '@quantum-sec/ci-analysis-collector' --call 'ci-analysis-collector checkov --path /workspace'

In the above example, you may use the -e argument to pass the QS_API_TOKEN environment variable from the current environment, and the -v argument to mount the code to be scanned as a read-only volume to the /workspace directory.

Additionally, you can modify npx's --call argument to pass additional configuration options described in the documentation.

Code of Conduct

Help us keep this project open and inclusive. Please read and follow our Code of Conduct.

License

This code is released under the Apache 2.0 License.

About

Quantum vulnerability management instrumentation for Checkov code analysis pipeline jobs.

Topics

terragrunt-managed migrated-from-quantum

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

1 star

Watchers

8 watching

Forks

1 fork
Report repository

Releases 7

2.0.2 Latest
Jul 22, 2021
+ 6 releases

Packages

No packages published

Languages