microsoft/hve-core
Publicmirrored fromhttps://github.com/microsoft/hve-coreAvailable
.checkov.yaml
29lines · modecode
| 1 | # Checkov configuration for security and compliance scanning |
| 2 | # Scans GitHub Actions workflows, JSON, YAML files, and secrets |
| 3 | |
| 4 | framework: |
| 5 | - github_actions |
| 6 | - json |
| 7 | - yaml |
| 8 | - secrets |
| 9 | |
| 10 | # Evaluate variables in configuration files |
| 11 | evaluate-variables: true |
| 12 | |
| 13 | # Output formats |
| 14 | output: |
| 15 | - junitxml |
| 16 | - json |
| 17 | |
| 18 | # Optional: Specify output file paths |
| 19 | # output-file-path: checkov-junit.xml,checkov-results.json |
| 20 | |
| 21 | # Optional: Skip specific checks |
| 22 | # skip-check: |
| 23 | # - CKV_SECRET_1 |
| 24 | # - CKV_GHA_1 |
| 25 | |
| 26 | # Optional: Exclude directories |
| 27 | # skip-path: |
| 28 | # - node_modules |
| 29 | # - .git |
| 30 | |