Cross-functional requirements to take into account when developing or planning to develop Bürokratt's custom base components
1
stars
1
forks
source link
Security: Investigate the use of Chekov as a mechanism for avoiding issues in Infrastructure [Spike] #80
Open
guypritchard opened 2 years ago
A tool called Checkov exists for validating K8s, Dockerfiles and Helm Charts for common security issues.
It can validate the Helm Charts we're generating and even the Terraform to generate warnings about security issues.
It would be great if this could run in the CI pipeline and validate security issues are taken care of.
Have a look at:
https://www.checkov.io/