From c510bce1acbf296531d25b13a56dd32f61fdd823 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rog=C3=A9rio=20Peixoto?= Date: Mon, 10 May 2021 18:50:02 +0100 Subject: [PATCH] feat(v1.2): support kics 1.3.0 using docker-runner as default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Rogério Peixoto --- Dockerfile | 2 +- README.md | 11 +++++------ 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index d034ba9..25ee620 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,4 +4,4 @@ COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file +ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md index e2be3af..e4290eb 100644 --- a/README.md +++ b/README.md @@ -130,12 +130,11 @@ You can only enable one profiler at a time, CPU or MEM. cat results.json ``` -## Example using docker-runner and SARIF report +## Uploading SARIF report -checkmarx/kics-action@docker-runner branch runs an alpine based linux container (`checkmarx/kics:nightly-alpine`) that doesn't require downloading kics binaries and queries in the `entrypoint.sh` ```yaml -name: scan with KICS docker-runner +name: scan with KICS and upload SARIF on: pull_request: @@ -152,7 +151,7 @@ jobs: # make sure results dir is created run: mkdir -p results-dir - name: Run KICS Scan with SARIF result - uses: checkmarx/kics-action@docker-runner + uses: checkmarx/kics-action@v1.2 with: path: 'terraform' # when provided with a directory on output_path @@ -176,7 +175,7 @@ jobs: sarif_file: results-dir/results.sarif ``` -## Example using docker-runner and a config file +## Using configuration file Check [configuration file](https://github.com/Checkmarx/kics/blob/master/docs/configuration-file.md) reference for more options. @@ -217,7 +216,7 @@ jobs: } EOF - name: Run KICS Scan using config - uses: checkmarx/kics-action@docker-runner + uses: checkmarx/kics-action@v1.2 with: path: 'terraform' config_path: ./kics.config