Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I'm not able to see results in Prisma Cloud Dashboard using checkov #6661

Open
VaseemFathima-36 opened this issue Aug 16, 2024 · 4 comments
Open

I'm not able to see results in Prisma Cloud Dashboard using checkov #6661

VaseemFathima-36 opened this issue Aug 16, 2024 · 4 comments
Labels
integrations

Comments

@VaseemFathima-36
Copy link

*Describe the issue
I'm using below command to upload results from Azure Devops Pipeline Script to Prisma Cloud Dashboard using checkov.

checkov -d . --bc-api-key $Prisma_Access_Key::$Prisma_Secret_Key --prisma-api-url $PRISMA_API_URL --repo-id OrganizationName/ProjectName/RepoName --branch master --soft-fail --framework all

I have a docker file like below

Use the Eclipse Temurin 17 JRE Alpine image as a base image

FROM eclipse-temurin:17-jre-alpine

Expose port 8080

EXPOSE 8080

Add the application JAR file to the container

ADD target/sample.jar sample.jar
#Expose a secret
ENV SECRET_KEY="fggfhgjjj"

Command to run your application

ENTRYPOINT ["java","-jar","/sample.jar"]

when i give below command it is detecting issues in dockerfile

checkov -d .

but by using below command

checkov -d . --bc-api-key $Prisma_Access_Key::$Prisma_Secret_Key --prisma-api-url $PRISMA_API_URL --repo-id OrganizationName/ProjectName/RepoName --branch master --soft-fail --framework all

it is creating a CICD Run in Prisma Cloud Dashboard but with below message.

No Results Available
No failed issues were detected in this scan.

It should upload the Dockerfile issues to Prisma Cloud Dashboard right ?
@Saarett
Copy link
Contributor

Saarett commented Aug 26, 2024

Hi @VaseemFathima-36 , if you are a Prisma Cloud customer, I suggest reaching out to your Customer Support / Solution Architect representative so they could assist you.

@Gaurang033
Copy link

I was facing the same issue. and I so went on call with prisma and this is what they said.

I've tested this on my end, and confirmed that the policies need to be created on the Prisma Cloud platform in order for your results to appear in the UI.

Please note that Python policy creation is not supported in the platform, so you would need to switch to YAML to create your policy. For more information - https://docs.prismacloud.io/en/enterprise-edition/content-collections/governance/custom-build-policies/custom-build-policies

If you would like to continue to use your custom policies from your local directory, you will only see them when you run the Checkov scan in your local machine.

which means you can't see the report of custom policy created on your local machine. which is weird. coz it's just a report.

@tsmithv11
Copy link
Collaborator

@VaseemFathima-36 please make sure your policies are enabled in the Governance page. Running your command with my Prisma credentials found Passed checks: 3, Failed checks: 3, Skipped checks: 0. If the policies are enabled, then as @Saarett mentioned, please open a support case.

@VaseemFathima-36
Copy link
Author

Ok Sure , will check .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
integrations
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Gaurang033 @Saarett @tsmithv11 @VaseemFathima-36