Add Tfsec security scanning before Checkov
All checks were successful
Code Quality & Security Scan / Checkov Security Scan (push) Successful in 36s
Code Quality & Security Scan / TFLint (push) Successful in 19s
Code Quality & Security Scan / Tfsec Security Scan (push) Successful in 1m4s
Code Quality & Security Scan / SonarQube Trigger (push) Successful in 40s
- Added Tfsec job for Terraform security analysis
- Tfsec specializes in detecting security issues in Terraform code
- Pipeline flow: TFLint -> Tfsec -> Checkov -> SonarQube
- Tfsec focuses on cloud security misconfigurations
- Complements Checkov with different security rule sets
parent 3ee45d2603
commit 0089d060cf
@ -27,10 +27,26 @@ jobs:
|
||||
- name: Run TFLint
|
||||
run: tflint --format compact
|
||||
|
||||
tfsec:
|
||||
name: Tfsec Security Scan
|
||||
runs-on: ubuntu-latest
|
||||
needs: tflint
|
||||
steps:
|
||||
- name: Checking out
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Run Tfsec
|
||||
uses: aquasecurity/tfsec-action@v1.0.3
|
||||
with:
|
||||
format: default
|
||||
soft_fail: false
|
||||
|
||||
checkov:
|
||||
name: Checkov Security Scan
|
||||
runs-on: ubuntu-latest
|
||||
needs: tflint
|
||||
needs: tfsec
|
||||
steps:
|
||||
- name: Checking out
|
||||
uses: actions/checkout@v4
|
||||
|
||||
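Review bot: In the new `tfsec` job, `uses: aquasecurity/tfsec-action@v1.0.3` references a third-party action by tag, and a tag can later be moved to different code; pin it to the full commit SHA of that release and keep the version in a trailing comment. In the `checkov` job, `needs: tfsec` together with `soft_fail: false` means any tfsec finding stops the chain before Checkov runs, so a single push never shows both tools' results. If the two rule sets are meant to complement each other, have `checkov` depend on `tflint` as `tfsec` does so the two scanners run side by side and each fails on its own findings. The `fetch-depth: 0` in the tfsec checkout also pulls full history that a scan of the checked-out tree does not use; the default shallow checkout, as the `checkov` job uses, is enough.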