Only scan Dockerfile

kchason · Jan 24, 2024 · 15fb142 · 15fb142
1 parent 45f4cac
commit 15fb142
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -29,7 +29,7 @@ jobs:
       - name: Docker Scan
         uses: Checkmarx/[email protected]
         with:
-          path: .
+          path: Dockerfile
           fail_on: high,medium
           output_path: results
         env:

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -21,7 +21,7 @@ pre-commit run --all-files
 This project uses [KICS](https://docs.kics.io/latest/getting-started/) to scan for security issues in the infrastructure such as the `Dockerfile`. To run the scan, run the following command:
 
 ```bash
-docker run -t -v $(pwd):/path checkmarx/kics:latest scan -p /path -o "/path/"
+docker run -t -v $(pwd):/path checkmarx/kics:latest scan -p /path/Dockerfile -o "/path/"
 ```
 
 This will generate a `results.json` file as well as print the contents to the console. Any findings above a `low` severity should be addressed before committing code as they will fail the CI pipeline.