Checkov scans files not defined in FILTER_REGEX_INCLUDE #5712

Closed
5 tasks done
kernelsam opened this issue May 29, 2024 · 1 comment
Labels
bug Something isn't working


kernelsam commented May 29, 2024

Is there an existing issue for this?

  • I have searched the existing issues

Are you using the latest Super-linter version available?

  • I am using the latest Super-linter version.

  • I can reproduce the issue running Super-linter using complete version identifier (example: vX.Y.Z), and not just with a partial one (example: vX)

  • I am using the super-linter/super-linter action or container image, and not the deprecated github/super-linter action or container image.

Are you reasonably sure that it's a Super-linter issue, and not an issue related to a tool that Super-linter runs?

  • I think that this is a Super-linter issue.

Current Behavior

I set FILTER_REGEX_INCLUDE to limit scanning to files in .github/workflows. Checkov is reporting issues on a Dockerfile in the root directory.

Expected Behavior

Checkov should only scan files defined by FILTER_REGEX_INCLUDE.

Super-Linter version

v6.5.1

Relevant log output

CHECKOV
  2024-05-29 15:57:00 [INFO]   Linting CHECKOV items...
  Error: -29 15:57:05 [ERROR]   Found errors when linting CHECKOV. Exit code: 1.
  2024-05-29 15:57:05 [INFO]   Command output for CHECKOV:
  ------
  dockerfile scan results:
  Passed checks: 52, Failed checks: 1, Skipped checks: 0
  Check: CKV_DOCKER_7: "Ensure the base image uses a non latest version tag"
  	FAILED for resource: /Dockerfile.FROM
  	File: /Dockerfile:2-2
  	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-the-base-image-uses-a-non-latest-version-tag
  		2 | FROM ${BASE_IMAGE}
  github_actions scan results:
  Passed checks: 72, Failed checks: 0, Skipped checks: 0

Steps To Reproduce

step definition:

  - name: lint code base
    uses: super-linter/super-linter@v6.5.1
    env:
      DEFAULT_BRANCH: main
      FILTER_REGEX_INCLUDE: .*.github/workflows/.*
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # only lint new and modified files
      VALIDATE_ALL_CODEBASE: false

Add a Dockerfile with an issue in the root of the repository and run linting

Anything else?

No response

@kernelsam kernelsam added the bug Something isn't working label May 29, 2024
@kernelsam
Author

#5308
Found answers here

@ferrarimarco ferrarimarco closed this as not planned Won't fix, can't repro, duplicate, stale May 29, 2024