spring-boot-microservice-best-practices icon indicating copy to clipboard operation
spring-boot-microservice-best-practices copied to clipboard

Published 20 hours ago verified publisher icon abhisheksr01

Use a tool to scan the k8s manifest and dockerfile

Open abhisheksr01 opened this issue 4 years ago • 2 comments

Identity a security tooling to scan the k8s manifest (standard and helm charts) locally and Dockerfile for security recommendations.

abhisheksr01 avatar Oct 12 '21 10:10 abhisheksr01

https://www.checkov.io/ seems to be a good candidate it's licensed under apache so free to use.

abhisheksr01 avatar Oct 12 '21 11:10 abhisheksr01

Checkov has been added to the pipeline. ToDo: Update the document to add info about the usage of tooling.

abhisheksr01 avatar Oct 12 '21 13:10 abhisheksr01