Always provide comprehensive documentation for all configuration options, including environment variables, feature flags, and version overrides. For each configuration option:
Always provide comprehensive documentation for all configuration options, including environment variables, feature flags, and version overrides. For each configuration option:
For environment variables used for authentication:
| Variable Name | Description | Default Value |
|-------------------|----------------------------------------------------------------|------------------|
| TF_HOST_NAME | Terraform Enterprise host name (example.com) | app.terraform.io |
| TF_REGISTRY_TOKEN | Private registry access token for Terraform Cloud/Enterprise | None |
When defining multiple configuration options in JSON files, use arrays for multiple values with the same key:
{
"name": "my-package",
"version": "1.0.0",
"//": ["checkov:skip=express[BC_LIC_2]: ignore license violations",
"checkov:skip=CVE-2023-123: ignore this CVE"]
}
For container-based tools, document version pinning options:
# Default configuration uses 'latest' tag
hooks:
- id: checkov_container
entry: bridgecrew/checkov -d .
# Override with specific version
hooks:
- id: checkov_container
entry: bridgecrew/checkov:2.4.2 -d .
Enter the URL of a public GitHub repository