support GitLab's `!reference tags` #6711

elchenberg · 2024-09-09T15:13:03Z

Describe the feature

Currently (v3.2.249) Checkov does not seem to support GitLab's !reference tags.

https://docs.gitlab.com/ee/ci/yaml/yaml_optimization.html#reference-tags

I have a .gitlab-ci.yml file and when I run Checkov I see the following warning in the output:

2024-09-09 17:05:56,984 [MainThread  ] [WARNI]  Fail to load yaml content, could not determine a constructor for the tag '!reference'
  in "<unicode string>", line 8, column 13:
              - !reference [checkov, image]
                ^

Examples

trivy:
  image: docker.io/aquasec/trivy:0.55.0@sha256:35e972d4c97895711cb2de6594cc1774b61e6b9dc7661ef73a76dd649f006c8d
  script:
    - trivy image "${IMAGE:?}"
  parallel:
    matrix:
      - IMAGE:
          - !reference [checkov, image]
          - !reference [trivy, image]

checkov:
  image: docker.io/bridgecrew/checkov:3.2.249@sha256:87a82f290af394b7432fa6858efb88c7b65785df8493567794c2ce97120ef228
  script:
    - checkov --directory .

The text was updated successfully, but these errors were encountered:

elchenberg added the contribution requested This is a great feature idea, but we will need a contribution to get it added to Checkov. label Sep 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

support GitLab's `!reference tags` #6711

support GitLab's `!reference tags` #6711

elchenberg commented Sep 9, 2024

support GitLab's !reference tags #6711

support GitLab's !reference tags #6711

Comments

elchenberg commented Sep 9, 2024

support GitLab's `!reference tags` #6711

support GitLab's `!reference tags` #6711