Add Checkov action to CI/CD pipeline #1087
Merged
🗣 Description
The goal of this PR was to add the Checkov action to the CI/CD pipeline. While there, I also slightly reorg'd the pipeline to fail fast and rewrote the PS linter action (reduced the runtime from 3m30s to 1m).
Closes #980
💭 Motivation and context
This is part of our efforts to build a robust CI/CD pipeline that builds, tests, and releases ScubaGear.
🧪 Testing
I ran the pipeline, fixed a security bugs, and saw that everything was a lovely shade of green.
✅ Pre-approval checklist
Well, I did have a little bit of scope creep, as improving the PS linter wasn't technically part of the task. But I really wanted the pipeline to run faster. Now it does. :-D
✅ Pre-merge checklist
PR passed smoke test check.
Feature branch has been rebased against changes from parent branch, as needed. Use Rebase branch button below or use this reference to rebase from the command line.
Resolved all merge conflicts on branch
Notified merge coordinator that PR is ready for merge via comment mention
✅ Post-merge checklist