-
Notifications
You must be signed in to change notification settings - Fork 26
Expand file tree
/
Copy pathkics.config
More file actions
36 lines (30 loc) · 1.15 KB
/
kics.config
File metadata and controls
36 lines (30 loc) · 1.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
---
path:
- .github/workflows
- images
- charts
exclude-paths:
- images/actions-runner-controller
exclude-queries:
- 965a08d7-ef86-4f14-8792-4a3b2098937e # APT Unpinned Version
- 93d88cf7-f078-46a8-8ddc-178e03aeacf1 # YUM/DNF Unpinned Version
- b03a748a-542d-44f4-bb86-9199ab4fd2d5 # No Healthcheck
- 02d9c71f-3ee8-4986-9c27-1a20d0d19bfc # Unpinned Package Version in Pip Install
- f4a6bcd3-e231-4acf-993c-aa027be50d2e # RUN Instruction Using 'cd' Instead of WORKDIR
exclude-results:
- 5486bd8272d9052f38c7646a84d79c767985a0b7c045cbc60451a69c69ef088b # GitHub secret
- b1fca161aca6effb4262a396f73ec3f2b547c4558cadd63baeba7803b1ef9332 # kind cluster secret
- a8959ca633afb21a08422f2a7a0b7d5a7a87ea34fa9e2430febde731722a04e3 # arc-runner namespace
- 6ea061cb912539e19f0f73f7f57ad4461232a8335378d6f4cd77841fb21b0ba0 # RHEL 8 ignore missing update call
- 455c322612ef043cbdf993e16786722a235345a6d9429ddedaf5d57fffdbb83a # RHEL 9 ignore missing update call
output-name: kics-results
type:
- Ansible
- Buildah
- CICD
- Dockerfile
- Kubernetes
# Report formats
report-formats: json,sarif,html
# Fail on
fail-on: high,critical