ensure-snyk-policy-version.yaml

name: Ensure Snyk File Versions

on:
  workflow_dispatch:
#   pull_request:
#     branches: [main]
#   push:
#     branches: [main]
jobs:
  Check-Versions:
    name: Ensure Snyk Policy Version
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Ensure correct .snyk version
        run: |
          echo "${{ secrets.SNYK_SHA }}" | sha256sum --check --status -
          if [ $? -eq 0 ]; then
                echo ".snyk file is up-to-date."
              else
                echo ".snyk file was missing or outdated."
              fi
      - name: Ensure correct snyk-test.yaml version
        run: |
          echo "${{ secrets.SNYK_TEST_SHA }}" | sha256sum --check --status -
          if [ $? -eq 0 ]; then
                echo ".github/workflows/snyk-test.yaml is up-to-date."
              else
                echo ".github/workflows/snyk-test.yaml file was missing or outdated."
              fi
  Trigger-Test:
    needs: Check-Versions
    name: Trigger Snyk test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - env:
          GH_TOKEN: ${{ secrets.MY_TOKEN }}
          SNYK_ACTION_NAME: ${{ secrets.SNYK_ACTION_NAME }}
        run: |
          gh workflow run $SNYK_ACTION_NAME