fugue / regula

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego
https://regula.dev/
Apache License 2.0

Feature Request #58

Closed mdesmarest closed 3 years ago

mdesmarest commented 4 years ago

Love the product, and would love to scale and leverage the GitHub Action; however, the ability to target either "." or a specific folder in each repo does not allow for automation. It would be fantastic if the tool could iterate over several folders, or all folders in a given repo, and run the TF plan against each. Also, being able to simply run the action on a repo only for the adds/changes via git diff would be great. This tool is vastly superior to other TF scanners, which are nothing more than glorified regex scanners; however, they are able to iterate across a whole repo and provide security issues based on approximation. Regula allows contextually superior output but does not provide scalability or the ability to target a given folder, as stated above.

jaspervdj-luminal commented 4 years ago

This is a good suggestion. I'm not sure how the git diff integration would work, since we always need the entire Terraform plan. But being able to run against multiple folders seems like a fairly easy and useful addition!
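The two requests above (iterate over every Terraform folder in a repo; only scan what changed) can be reconciled in a CI wrapper: use `git diff` only to decide *which* root modules were touched, then plan and scan each of those modules in full, since a plan-based scanner needs the complete plan rather than a file-level diff. The script below is an added illustration and is not part of regula or of this thread; it assumes `terraform` and `regula` are on `PATH`, that `regula run <plan.json>` is the invocation for the CLI version in use, and that backend credentials for `terraform init` are already configured in the CI job.

```sh
#!/usr/bin/env sh
# Added example (not regula's own code): select Terraform root modules touched
# by a git diff, then run a full plan + regula scan per selected module.
# Assumptions: `terraform` and `regula` are installed; `regula run plan.json`
# is the scan command for the installed CLI version; `terraform init` can reach
# any configured backend in this environment.

# Print the directories (relative to repo root $1) that directly contain .tf
# files, one per line, sorted. Cached provider/module copies under .terraform/
# are skipped so they are never treated as root modules.
tf_root_dirs() {
  root="$1"
  ( cd "$root" && find . -name '*.tf' ! -path '*/.terraform/*' \
      -exec dirname {} \; ) | sed 's#^\./##' | LC_ALL=C sort -u
}

# Given the repo root ($1) and a newline-separated list of changed paths
# ($2, as produced by `git diff --name-only`), print the Terraform root
# directories that contain at least one changed file. A change anywhere in a
# module invalidates its whole plan, so the unit of work is the directory.
# Changed files outside any Terraform directory (docs, CI config) are ignored.
changed_tf_dirs() {
  root="$1"
  changed="$2"
  dirs=$(tf_root_dirs "$root")
  printf '%s\n' "$changed" | while IFS= read -r f; do
    [ -n "$f" ] || continue
    d=$(dirname "$f")
    printf '%s\n' "$dirs" | grep -Fxq -- "$d" && printf '%s\n' "$d"
  done | LC_ALL=C sort -u
}

# For each directory given after the repo root, produce a complete plan and
# hand its JSON form to regula. Returns non-zero if any plan or scan failed,
# so the CI job fails on the first policy violation in any module.
scan_dirs() {
  root="$1"
  shift
  status=0
  for dir in "$@"; do
    echo "== scanning $dir"
    ( cd "$root/$dir" \
        && terraform init -input=false >/dev/null \
        && terraform plan -input=false -out=plan.tfplan >/dev/null \
        && terraform show -json plan.tfplan > plan.json \
        && regula run plan.json ) || status=1
  done
  return $status
}

# CI entry point: `./scan-changed.sh --scan origin/main` scans only the root
# modules touched relative to the given base ref. Without --scan the script
# only defines the functions above so it can be sourced.
if [ "${1:-}" = "--scan" ]; then
  base="${2:-origin/main}"
  dirs=$(changed_tf_dirs . "$(git diff --name-only "$base"...HEAD)")
  if [ -n "$dirs" ]; then
    # shellcheck disable=SC2086  # word-splitting on newlines is intended
    scan_dirs . $dirs
  else
    echo "no Terraform root modules changed"
  fi
fi
```

Selecting by directory rather than by file is the point: a pull request that edits one `variables.tf` still gets its module planned and scanned in full, while documentation-only changes produce an empty list and skip the (slow) plan step entirely. Dropping the `--scan` guard and passing `$(tf_root_dirs .)` to `scan_dirs` gives the "every folder in the repo" mode from the original request.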

mdesmarest commented 4 years ago

Thanks Jasper, it would be great to run against a whole folder. I had been using the regex-based checkers tfsec and checkov, and tfsec has an integration with https://github.com/reviewdog/reviewdog that gives Reviewdog control to run tfsec against changes. I should have explained my request better, sorry.

ameliafugue commented 3 years ago

Hi @mdesmarest

I entered your feature request in our feature request tracking system. https://feedback.eu.pendo.io/app/#/case/135460