Skip to content
This repository has been archived by the owner on Oct 27, 2024. It is now read-only.

Adding Framework/Skip-Framework functionality #134

Merged
merged 7 commits into from
Aug 31, 2023
Merged

Adding Framework/Skip-Framework functionality #134

merged 7 commits into from
Aug 31, 2023

Conversation

billyjbryant
Copy link
Contributor

@billyjbryant billyjbryant commented Aug 24, 2023
edited
Loading

In This PR

  • Added setting "Skip Frameworks" to take a space separated list of frameworks to skip during scanning
    • This results in the checkov cli command being appended with --skip-framework <list of frameworks>
  • Added setting "Framworks" to take a space separated list of frameworks to use during scanning
    • This results in the checkov cli command being appended with --framework <list of frameworks>

Pictures/videos

Skip Frameworks

skip-framework

Frameworks

framework

Usage:

[info]: Starting to scan. 
[debug]: Output: 
[info]: repo [email protected]:mapbox/security-breakglass.git 
[info]: repo namemapbox/security-breakglass 
[info]: Running checkov: 
[info]: checkov --output-bc-ids -s --bc-api-key **** --repo-id mapbox/security-breakglass -f "/Users/billybryant/github/mapbox/security-breakglass/.github/workflows/bandit.yml" --skip-check BC_LIC* -o json --framework arm json github_actions cloudformation --skip-framework sca_package secrets sca_image 
[debug]: Checkov scan process exited with code 0 

... SCAN RESULTS ...
  • I've reviewed my own code

fixes #135

@billyjbryant billyjbryant mentioned this pull request Aug 24, 2023
Closed
@billyjbryant
Updated to take frameworks as space separated list
a34cc3f 
Updated to join array with space in cli output
@billyjbryant billyjbryant mentioned this pull request Aug 24, 2023
Closed
@mikeurbanski1
Copy link
Contributor

Hey @billyjbryant thanks for the contribution! I tested it locally and it looks good.

Can you please make one update to the help text for the setting, for both options? Add the line:

You may need to run the extension command "Clear Checkov results cache" after modifying this setting.

SteveVaknin
SteveVaknin approved these changes Aug 31, 2023
View reviewed changes
Copy link
Contributor

@SteveVaknin SteveVaknin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@billyjbryant Thanks for your contribution! 🚀

@mikeurbanski1
Copy link
Contributor

I went ahead and changed it. Merging.

@mikeurbanski1 mikeurbanski1 merged commit 1c26bee into bridgecrewio:master Aug 31, 2023
1 check passed
@billyjbryant billyjbryant deleted the billybryant/framework-support branch September 11, 2023 16:56
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mikeurbanski1 mikeurbanski1 mikeurbanski1 approved these changes

@SteveVaknin SteveVaknin SteveVaknin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

There is no support for the --framework or --skip-framework cli parameters
3 participants
@billyjbryant @mikeurbanski1 @SteveVaknin