feat: Add checkov github action

makandra · Mar 14, 2024 · b390c5d · b390c5d
1 parent 442fca6
commit b390c5d
Showing 1 changed file with 34 additions and 0 deletions.
diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml
@@ -0,0 +1,34 @@
+# name: checkov
+# on:
+#   push:
+#     branches: [ "main"]
+#   pull_request:
+#     branches: [ "main" ]
+
+#   # Allows you to run this workflow manually from the Actions tab
+#   workflow_dispatch:
+
+# jobs:
+#   scan:
+#     permissions:
+#       contents: read
+#       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+#       actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+
+#     runs-on: ubuntu-latest
+
+#     steps:
+#       - uses: actions/checkout@v3
+
+#       - name: Checkov GitHub Action
+#         uses: bridgecrewio/checkov-action@v12
+#         with:
+#           output_format: cli,sarif
+#           output_file_path: console,results.sarif
+
+#       - name: Upload SARIF file
+#         uses: github/codeql-action/upload-sarif@v2
+
+#         if: success() || failure()
+#         with:
+#           sarif_file: results.sarif