remove old tfsec workflow and add checkov scan

synapsestudios / terraform-aws-ecs-service

MIT License

1 stars 0 forks source link

remove old tfsec workflow and add checkov scan #21

Closed dragonfleas closed 1 year ago

dragonfleas commented 1 year ago

Add reusable tf-scan.yml from .github repo
Remove old tfsec pr commenter (broken anyways)
Add pr.yml, cron.yml, and `push.yml for running jobs on select events
Remove terraform.yml

github-advanced-security[bot] commented 1 year ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

dragonfleas commented 1 year ago

Looks like Checkov is also in the pocket of Big KMS. Are you going to fix up/ignore those warnings before merging?

@chrisshiplet I thought our plan was going to be creating issues/dismissing out of the security dashboard for each of the repositories. But to answer your question, kind of yes, the self-rolled KMS stuff will be dismissed, not until after I merge this though.