-
Notifications
You must be signed in to change notification settings - Fork 23
/
.checkov.yaml
46 lines (43 loc) · 1.46 KB
/
.checkov.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#
# Author: Hari Sekhon
# Date: 2022-02-21 16:53:29 +0000 (Mon, 21 Feb 2022)
#
# vim:ts=2:sts=2:sw=2:et
#
# https://github.com/HariSekhon/Terraform
#
# License: see accompanying Hari Sekhon LICENSE file
#
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
# https://www.linkedin.com/in/HariSekhon
#
# ============================================================================ #
# C h e c k o v c o n f i g
# ============================================================================ #
# https://github.com/bridgecrewio/checkov#configuration-using-a-config-file
#
# This is not well documented but the fields seem to be the same as:
#
# checkov --help
#
# See master template at:
#
# https://github.com/HariSekhon/Templates/blob/master/.checkov.yaml
---
compact: true
directory:
- .
download-external-modules: true # without this gets lots of annoying warning lines such as '2022-02-22 16:14:40,180 [MainThread ] [WARNI] Failed to download module x/y/z:n.n.n'
framework:
- all
output: cli
quiet: true
repo-id: HariSekhon/Terraform # what to report to Bridgecrew Cloud - without this gets annoying duplicate repos such as 'harisekhon_cli_repo/<myrepo>'
soft-fail: true
# https://www.checkov.io/5.Policy%20Index/all.html
skip-check:
# Ensure at least two approving reviews for PRs
- CKV_GIT_5
# Ensure all commits GPG signed
- CKV_GIT_6