feat(#106): add circleci job to scan IAM using checkov

Author: abhisheksr01

.circleci/config.yml

@@ -154,6 +154,16 @@ jobs:
       - store_artifacts:
           path: build/reports/dependency-vulnerabilities
           when: always
+  checkov-scan:
+    executor: helm
+    steps:
+      - checkout
+      - run:
+          name: Install checkov
+          command: yum install python3-pip -y && sudo python3 -m pip install -U checkov -y
+      - run:
+          name: Scan K8s manifest and Docker using checkov
+          command: checkov -d ./
   docker_lint_build_scan_push:
     executor: docker-git
     steps:
@@ -285,6 +295,10 @@ workflows:
           timeout: 25m
           requires:
             - Build
+      - checkov-scan:
+          name: Checkov IAC scan
+          requires:
+            - Build
       - docker_lint_build_scan_push:
           <<: *credential_context
           name: Docker Lint Build Scan Push