Merge pull request #9298 from DefectDojo/master-into-dev/2.30.1-2.31.…

…0-dev Release: Merge back 2.30.1 into dev from: master-into-dev/2.30.1-2.31.0-dev
DefectDojo · Jan 8, 2024 · 0e9ac64 · 0e9ac64
2 parents 30b2d49 + 26aa901
commit 0e9ac64
Show file tree

Hide file tree

Showing 2 changed files with 49 additions and 2 deletions.
diff --git a/docs/content/en/integrations/parsers/file/checkov.md b/docs/content/en/integrations/parsers/file/checkov.md
@@ -2,4 +2,51 @@
 title: "Checkov Report"
 toc_hide: true
 ---
-Import JSON reports of Infrastructure as Code vulnerabilities.
+### File Types
+DefectDojo parser accepts Checkov scan data as a .JSON file.
+
+JSON files can be created from the Checkov CLI: https://www.checkov.io/2.Basics/CLI%20Command%20Reference.html
+
+### Acceptable JSON Format
+
+~~~
+{
+    "check_type": "terraform",
+    "results": {
+        "passed_checks": [
+          ],
+        "failed_checks": [
+                {
+                    "check_id": "CKV_AZURE_41",
+                    "check_name": "Ensure the key vault is recoverable",
+                    "check_result": {
+                        "result": "FAILED"
+                    },
+                    "code_block": [
+                    ],
+                    "file_path": "file_path",
+                    "file_line_range": [
+                        1,
+                        16
+                    ],
+                    "resource": "azurerm_key_vault.main",
+                    "check_class": "checkov.terraform.checks.resource.azure.KeyvaultRecoveryEnabled",
+                    "guideline": "https://docs.bridgecrew.io/docs/ensure-the-key-vault-is-recoverable"
+                },
+            ...
+        ],
+        "skipped_checks": [],
+        "parsing_errors": []
+    },
+    "summary": {
+        "passed": 0,
+        "failed": 2,
+        "skipped": 0,
+        "parsing_errors": 0,
+        "checkov_version": "1.0.467"
+    }
+}
+~~~
+
+### Sample Scan Data
+Sample Checkov scans can be found at https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/checkov
diff --git a/helm/defectdojo/Chart.yaml b/helm/defectdojo/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 appVersion: "2.31.0-dev"
 description: A Helm chart for Kubernetes to install DefectDojo
 name: defectdojo
-version: 1.6.104-dev
+version: 1.6.105-dev
 icon: https://www.defectdojo.org/img/favicon.ico
 maintainers:
   - name: madchap