Snyk scans Helm Charts, in addition to Kubernetes configuration files, for misconfigurations and security issues. Once Helm Charts are scanned, Snyk creates projects for each template and dependency template, generates reports on any misconfigurations, and makes recommendations for fixing them.
Prerequisites
-
An administrator should integrate your organization with your preferred Git repository and enable detection of configuration files as described here.
-
We currently scan Chart templates for Deployments, Pods and Services.
Scan and fix your Charts
-
Log in to your account and navigate to the relevant group and organization that you want to manage.
-
If you already imported your repositories for testing before cloud configuration file detection was enabled by your administrator, then you should re-import that repository again in order to import the relevant JSON or YAML configuration files:
-
Every time a repository is scanned:
-
Each template in your Helm Chart creates a Snyk a project, grouped together by repository, similar to this example:
-
If you re-imported the repository in order to import the cloud configuration files, then Snyk imports and tests the configuration files and also re-tests the already imported application manifest files - displaying the test time as "now".
-
-
Click the project link you're interested in, to view the scan results and to correct your configuration files accordingly:
- Projects that were created from external dependencies will also be scanned and issues shown.
Note
For more information about these results, see Working with your Kubernetes configuration file test results.
- Projects that were created from external dependencies will also be scanned and issues shown.