Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Checkov and CFN-Lint #319

Merged
merged 5 commits into from
Oct 22, 2024
Merged

Update Checkov and CFN-Lint #319

merged 5 commits into from
Oct 22, 2024

Conversation

g-marconet
Copy link
Contributor

@g-marconet g-marconet commented Oct 22, 2024
edited
Loading

Update Checkov and CFN-Lint

Description

  • Updates Checkov to 3.2.268
    • Packaging gets bumped to 23.2, which is what Checkov requires
  • CFN-Lint gets bumped to 1.18.1
    • The latest version removes a conflict with Checkov on jsonschema versions
  • Also removes some things we were doing to accommodate the old Checkov version, like pinning setuptools and virtualenv versions in the Github Actions Workflows

Motivation and Context

  • Checkov likes to pin dependencies, which made the old version kinda problematic as its dependencies were conflicting with other things.
  • CFN-Lint needed to be updated in order to update Checkov

How Has This Been Tested?

  • Tests pass
  • Working in dev environment

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation change

Checklist

  • My code follows conforms to the coding standards.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@g-marconet g-marconet marked this pull request as ready for review October 22, 2024 21:30
@g-marconet g-marconet requested a review from a team as a code owner October 22, 2024 21:30
@g-marconet g-marconet added this pull request to the merge queue Oct 22, 2024
Merged via the queue into main with commit 71d8db2 Oct 22, 2024
6 checks passed
@g-marconet g-marconet deleted the g-marconet/checkov-3 branch October 22, 2024 22:05
ZoogieZork
ZoogieZork reviewed Oct 23, 2024
View reviewed changes
backend/engine/tests/test_plugin_checkov.py
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For a follow-up PR, we should be able to un-comment the "New findings in Checkov 3.2." block. Unless something changed since the last time we tried to upgrade Checkov, those extra two test cases should still be valid. :)

@g-marconet g-marconet mentioned this pull request Oct 23, 2024
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ZoogieZork ZoogieZork ZoogieZork left review comments

@davakos davakos davakos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@g-marconet @ZoogieZork @davakos