Skip to content
Snyk Scan

update ensure-snyk-policy-vesion.yaml #177

Sign in to view logs

update ensure-snyk-policy-vesion.yaml

update ensure-snyk-policy-vesion.yaml #177

Workflow file for this run

.github/workflows/snyk-test.yaml at 275ec7d
name: Snyk Scan
on:
workflow_dispatch:
pull_request:
branches: main
env:
IMAGE_NAME: nodejs-goof
PLATFORM: linux-arm64
jobs:
build:
name: Snyk Scan
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [20.x]
continue-on-error: true
steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
- name: Build project
run: npm install --legacy-peer-deps
- name: Setup Snyk + snyk-filter # For information about the required commands https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ci-cd-integrations
run: |
npm install snyk snyk-filter -g
snyk auth ${{ secrets.SNYK_TOKEN }}
- name: Snyk Open Source
run: snyk test --all-projects --json | snyk-filter # --json --print-deps | snyk-delta --setPassIfNoBaseline false
# run: snyk monitor --org=XXX ---project-name=XXX - Use snyk monitor command to upload the results to the UI
continue-on-error: true
- name: Snyk Code
run: snyk code test
continue-on-error: true
- name: Snyk Container
run: |
docker build . -t ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }} --platform=${{ env.PLATFORM }}
snyk container test ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }} --file=Dockerfile --exclude-app-vulns --platform=${{ env.PLATFORM }}
# Rename your image, for uploading directly to your snyk org please use the command "snyk container monitor $container_name/$tag --org=$ORG_ID"
continue-on-error: true
- name: Snyk IaC
run: snyk iac test
continue-on-error: true