To use kics
with pre-commit add the following hook to your local repo's .pre-commit-config.yaml
file.
- repo: https://github.com/Checkmarx/kics
rev: "" # change to correct tag or sha
hooks:
- id: kics-scan
You can provide arguments to kics
by providing the pre-commit args
property. The following example will print the kics scan
output, but will not block regardless of success/failure.
repos:
- repo: https://github.com/Checkmarx/kics
rev: "" # change to correct tag or sha
hooks:
- id: kics-scan
verbose: true
args: [--ignore-on-exit, "all"]
You can create your own local pre-commit hook using the docker_image language.
This is a more lightweight way to configure kics
as a pre-commit hook.
repos:
- repo: local
hooks:
- id: kics-scan-local
name: Kics scan
language: docker_image
entry: checkmarx/kics scan -p /src --no-progress
verbose: true