Checkov
This component is a scanner that parses SARIF reports produced by semgrep and converts them into the OCSF format.
How to use with Smithy
Open-Source
There is an example workflow in the Smithy repository. After you have cloned the repo, you can run:
$ smithyctl \
workflow run \
--overrides-path=./examples/checkov/overrides.yaml \
--build-component-images \
./examples/checkov/workflow.yaml
SaaS
- In the Smithy UI, open the page to create a new workflow.
- Add an advanced Git or GitHub target and configure it to point to a repository containing the source code of your application.
- Find checkov in the Scanners dropdown. Click to add it to the workflow.
- Run the workflow as normal.
- The results will be available in the Smithy UI, where you can review the findings and take action as needed.
Options
This component does not accept options.