kics-github-action
GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
closes #96 proposed changes: - add support for `output-name` on config files
Hello, I am having an issue running the KICS scan in my enterprise repo. I keep getting this error "Error: open /github/workspace/results.json: permission denied". I think the container does not have...
When the `output-name` parameter is set to anything other than `"results"` (e.g. using a config file), the action still looks for a file called `results.json`, which then causes an error...
KICS GitHub Action only gives output in JSON and SARIF format. Is it possible to have the output in a `.md` format? Also, can we give the name of the...
Hi Team, We have many projects and workflows and I have rolled out KICS as Dockerfile scanner. We are starting to see DockerHub rate limit errors at peak build times....
Hi Team, I am using the KICS GitHub Action to scan my Kubernetes resource in my workflow. In the JSON output from the action, there is no KICS documentation URL of...
The SARIF spec allows for a `properties` field ([Property bag object](https://docs.oasis-open.org/sarif/sarif/v2.0/csprd02/sarif-v2.0-csprd02.html#_Toc10127639)) within any object in the spec. For GitHub Code Scanning specifically, if a `properties` array is added to each...
# Description - Query ID set in include_query within the with parameter is not being passed as an argument to the command. # Reproduce **actions** ``` yaml steps: - name:...
I spent longer than I care to admit trying to "get a previously working" PR comment workflow functioning again. It was always working. Turns out, as I was expecting a...
Hi, is it possible to limit the comments on the PR to just 1? On each GitHub Action run we want to comment only once on the PR ideally and...