farhoodliquor/irc
Archived
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-05-26. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
main
irc/.checkov.yaml
T

16 lines
815 B
YAML
Raw Permalink Blame History

soft-fail: false
quiet: true
compact: true
framework:
- all
skip-check:
- CKV_K8S_21 # Default namespace usage
- CKV_K8S_43 # Image tag validation (using latest tags intentionally)
- CKV_K8S_14 # Image tag should be fixed (same as above)
- CKV_K8S_22 # Read-only filesystem (IRC apps need to write to volumes)
- CKV_K8S_40 # Containers should run as high UID (ZNC LinuxServer container needs flexibility)
- CKV_K8S_23 # Minimize admission of root containers (ZNC requires root for s6-overlay init)
- CKV_K8S_20 # Containers should not run with allowPrivilegeEscalation (ZNC needs init flexibility)
- CKV_K8S_37 # Capabilities - drop ALL (ZNC needs flexible capabilities for init)
- CKV_K8S_38 # Ensure that Service Account Tokens are only mounted where necessary (already set to false)
Reference in New Issue View Git Blame Copy Permalink