---
description: Checkov is a static code analysis tool for scanning infrastructure as code. It identifies misconfigurations in IaC files that could lead to security breaches.
title: Trunk | How to run Checkov
---

Checkov is a linter for CloudFormation, Security, Terraform and Docker.

You can enable the Checkov linter with:

```shell
trunk check enable checkov
```

Checkov will be auto-enabled if any Terraform, CloudFormation, Docker, YAML or JSON files are present.

Checkov supports the following config files:

- `.checkov.yml`
- `.checkov.yaml`

You can move these files to `.trunk/configs` and `trunk check` will still find them. See Moving Linters for more info.

- Checkov site
- Checkov Trunk Code Quality integration source
- Trunk Code Quality's open source plugins repo