Support for Terraform #998
Comments
|
Here is the place to find discussions about vulnerabilities with Terraform. |
|
👋 Hi @jacobball11! I'm not too familiar with Terraform, but you may be able to use Anchore's SBOM action, which will generate a bill of materials and submit it to the dependency graph. The action leverages the dependency submission API that allows you to submit different kinds of dependencies that are not supported out of the box. If Anchore's action isn't helpful, and you're eager, you could write your own to submit your dependencies using the dependency submission toolkit or use the API directly. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My organization uses Terraform for nearly all automated deployments. Each Terraform Workspace has an associated lock file that represents each provider and version the configuration uses. I would like to enable dependency graphs and analysis for this suite of tools but it appears GitHub does not support dependencies on this ecosystem.
I may be submitting this to the wrong location, but this is where the rabbit hole has taken me! Thanks in advance for any and all guidance.
The text was updated successfully, but these errors were encountered: