Add Checkov and Gitleaks documentation and configuration

hasit · hasit · commit 9276d9954a2d · 2024-07-15T10:49:39.000-07:00
diff --git a/docs/guides/tools/checkov.md b/docs/guides/tools/checkov.md
@@ -0,0 +1,63 @@
+---
+title: Checkov
+sidebar_label: Checkov
+description: CodeRabbit's guide to Checkov.
+sidebar_position: 2
+---
+
+[Checkov](https://www.checkov.io/) is a static code analysis tool for scanning Infrastructure as Code (IaC) files for misconfigurations.
+
+## Files
+
+Checkov will run on files with the following files and extensions:
+
+- `.tf`
+- `.yml`
+- `.yaml`
+- `.json`
+- `.template`
+- `.bicep`
+- `.hcl`
+- `bower.json`
+- `build.gradle`
+- `build.gradle.kts`
+- `go.sum`
+- `gradle.properties`
+- `METADATA`
+- `npm-shrinkwrap.json`
+- `package.json`
+- `package-lock.json`
+- `pom.xml`
+- `requirements.txt`
+- `Dockerfile`
+- `.dockerfile`
+- `Dockerfile.*`
+- `.csproj`
+- `yarn.lock`
+- `Gemfile`
+- `Gemfile.lock`
+- `go.mod`
+- `paket.dependencies`
+- `paket.lock`
+- `packages.config`
+- `composer.json`
+- `composer.lock`
+
+## Configuration
+
+CodeRabbit will include on the following severity levels based on the profile selected:
+
+### Chill
+
+- `HIGH`
+- `CRITICAL`
+
+### Assertive
+
+- `MEDIUM`
+- `HIGH`
+- `CRITICAL`
+
+## Links
+
+- [Checkov All Resource Scans](https://www.checkov.io/5.Policy%20Index/all.html)
diff --git a/docs/guides/tools/gitleaks.md b/docs/guides/tools/gitleaks.md
@@ -0,0 +1,22 @@
+---
+title: Gitleaks
+sidebar_label: Gitleaks
+description: CodeRabbit's guide to Gitleaks.
+sidebar_position: 11
+---
+
+[Gitleaks](https://gitleaks.io/) is a secret-scanner.
+
+## Files
+
+Gitleaks will run on all files with the following extensions.
+
+## Configuration
+
+Gitleaks supports the following config files:
+
+- `gitleaks.toml`
+
+## Links
+
+- [Gitleaks Configuration](https://github.com/gitleaks/gitleaks#configuration)
diff --git a/docs/guides/tools/golangci-lint.md b/docs/guides/tools/golangci-lint.md
@@ -2,7 +2,7 @@
 title: golangci-lint
 sidebar_label: golangci-lint
 description: CodeRabbit's guide to golangci-lint.
-sidebar_position: 8
+sidebar_position: 9
 ---
 
 [golangci-lint](https://golangci-lint.run/) is a fast Go linters runner.
diff --git a/docs/guides/tools/tools.md b/docs/guides/tools/tools.md
@@ -46,3 +46,5 @@ Remove extraneous f prefix
 - [PHPStan](./phpstan.md)
 - [golangci-lint](./golangci-lint.md)
 - [YamlLint](./yamllint.md)
+- [Gitleaks](./gitleaks.md)
+- [Checkov](./checkov.md)
diff --git a/docs/guides/tools/yamllint.md b/docs/guides/tools/yamllint.md
@@ -2,7 +2,7 @@
 title: Yamllint
 sidebar_label: Yamllint
 description: CodeRabbit's guide to Yamllint.
-sidebar_position: 8
+sidebar_position: 10
 ---
 
 [Yamllint](https://yamllint.readthedocs.io/en/stable/) is a linter for YAML.
