Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(Snyk): CodePipeline integration with Snyk #16232

Closed
s1mrankaur opened this issue Aug 25, 2021 · 6 comments
Closed

(Snyk): CodePipeline integration with Snyk #16232

s1mrankaur opened this issue Aug 25, 2021 · 6 comments
Labels
@aws-cdk/aws-codepipeline-actions closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/small Small work item – less than a day of effort feature/coverage-gap Gaps in CloudFormation coverage by L2 constructs feature/pfr Product Feature Requests that originated outside of GitHub feature-request A feature should be added or improved. p1

Comments

@s1mrankaur
Copy link

How to use CDK to have Snyk as a target action that is now available as an Action directly in CodePipeline as shown here: https://snyk.io/blog/automate-vulnerability-scanning-in-aws-codepipeline-with-snyk/

@s1mrankaur s1mrankaur added guidance Question that needs advice or information. needs-triage This issue or PR still needs to be triaged. labels Aug 25, 2021
@github-actions github-actions bot added the @aws-cdk/aws-codepipeline Related to AWS CodePipeline label Aug 25, 2021
@skinny85
Copy link
Contributor

Thanks for opening the issue @s1mrankaur! Looks like this will be a very simple action to implement. Contributions are welcome, as always 😉.

@skinny85 skinny85 added @aws-cdk/aws-codepipeline-actions effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. feature/coverage-gap Gaps in CloudFormation coverage by L2 constructs p2 and removed guidance Question that needs advice or information. @aws-cdk/aws-codepipeline Related to AWS CodePipeline needs-triage This issue or PR still needs to be triaged. labels Aug 25, 2021
@skinny85 skinny85 removed their assignment Aug 25, 2021
@skinny85 skinny85 added feature/pfr Product Feature Requests that originated outside of GitHub p1 effort/small Small work item – less than a day of effort and removed p2 effort/medium Medium work item – several days of effort labels Sep 15, 2021
@sholtomaud
Copy link

was there a cdk-sample that documented how to automate this integration with auto key/token regeneration?

@sholtomaud
Copy link

KickinMhl says "@aws-cdk/aws-codepipeline-actions doesn't seem to have a method to create the action that I am able to create in the console."
https://stackoverflow.com/questions/71257220/codepipeline-snyk-action-via-cdk

Can we have a CDK action method to match the aws console action method?

@skinny85
Copy link
Contributor

@sholtomaud you should be able to create your own Action class that implements this integration. Look for details how to do it in this issue: #2516.

@sholtomaud
Copy link

sholtomaud commented Apr 23, 2022

Rather than writing a custom action class, is there an AWS native way to do DevSecOps? Snyk looks great but I prefer using 100% aws native options so is there a native option that replaces Snyk that I'm not aware of?

@github-actions
Copy link

This issue has not received any attention in 1 year. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added closing-soon This issue will automatically close in 4 days unless further comments are made. closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. and removed closing-soon This issue will automatically close in 4 days unless further comments are made. labels Apr 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-codepipeline-actions closed-for-staleness This issue was automatically closed because it hadn't received any attention in a while. effort/small Small work item – less than a day of effort feature/coverage-gap Gaps in CloudFormation coverage by L2 constructs feature/pfr Product Feature Requests that originated outside of GitHub feature-request A feature should be added or improved. p1
Projects
None yet
Development

No branches or pull requests

3 participants