Testing Helm charts with Snyk CLI

You scan a Helm chart by rendering the Helm templates into Kuberenetes manifest files and then scanning these using the Snyk CLI snyk iac command.

For example, if you have a Helm project located in a ./helm directory you would run the following command to output the templated files into a directory called ./output:

helm template ./helm --output-dir ./output
snyk iac test ./output

helm template .\helm\ --output-dir .\output\
snyk iac test .\output\

For unix-based terminals you can also pipe the output of helm template directly into a single file:

helm template ./helm > output.yaml
snyk iac test output.yaml

The Snyk CLI is not able to read from standard input at this time; Snyk is working on this feature.

PreviousTest your Kustomize files with Snyk CLI NextTest your Serverless files with Snyk CLI

Last updated 2 years ago

Was this helpful?