Merge pull request #23 from snyk/develop
Deploy
agranado2k authored Mar 27, 2020
2 parents 9432a85 + 3bc049d commit 664bc6e
Showing 2 changed files with 9 additions and 10 deletions.
5 changes: 2 additions & 3 deletions README.md
Expand Up @@ -3,15 +3,14 @@
## The Snyk Orb

Use the Snyk orb to easily incorporate Snyk into your CircleCI Workflows.

By utilizing this orb in your projects workflow, it is possible to use Snyk to test, fix and monitor your project for vulnerabilities in the app dependencies and Docker images, all with a single command. You can set thresholds for vulnerability tolerance in your app or Docker image (and fail the workflows when threshold is exceeded), apply proprietary Snyk patches, and save dependency snapshots on snyk.io for continuous monitoring and alerting.
By utilizing this orb in your project workflow, it is possible to use Snyk to test, fix and monitor your project for vulnerabilities in the app dependencies and Docker images, all with a single command. You can set thresholds for vulnerability tolerance in your app or Docker image (and fail the workflows when threshold is exceeded), apply proprietary Snyk patches, and save dependency snapshots on snyk.io for continuous monitoring and alerting.

## How to use the Snyk Orb

In fact, it is very easy to start using the Orb.
All you need to do is:

1. Follow the instructions at the [Orb Quick Start Guide](https://circleci.com/orbs/registry/orb/snyk/snyk#quick-start) to enable usage of Orbs in your projects workflow.
1. Follow the instructions at the [Orb Quick Start Guide](https://circleci.com/orbs/registry/orb/snyk/snyk#quick-start) to enable usage of Orbs in your project workflow.
2. Set up an environment variable (`SNYK_TOKEN`) with your Snyk API token, which you can get from your [account](https://app.snyk.io/account).
3. In the app build job, call the `snyk/scan`
4. Optionally, supply parameters to customize orb behaviour
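Review bot: step 3 of the quick-start list, "In the app build job, call the `snyk/scan`", stops mid-sentence, and steps 3 and 4 are the only items without a closing period; since this hunk already touches the README for wording ("projects" to "project"), finish the sentence, e.g. "call the `snyk/scan` command.", and punctuate step 4 the same way as steps 1 and 2.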
14 changes: 7 additions & 7 deletions src/commands/scan.yml
Expand Up @@ -15,7 +15,7 @@ parameters:
protect:
description: Protect the app by applying patches specified in your .snyk file (after running the Snyk wizard)
type: boolean
default: false
default: false
fail-on-issues:
description: This specifies if builds should be failed or continued based on issues found by Snyk.
type: boolean
Expand All @@ -32,7 +32,7 @@ parameters:
description: The image name, if scanning a container image
type: string
default: ""
organization:
organization:
description: >
Name of the Snyk organisation name, under which this project should be tested and monitored
If omitted the default organization will be used.
Expand All @@ -56,17 +56,17 @@ parameters:
install-alpine-dependencies:
description: Install additional dependencies required by the alpine cli
type: boolean
default: true
default: true
steps:
# install snyk
- run:
- run:
name: Download Snyk CLI
command: |
if [[ ! -x "/usr/local/bin/snyk" ]]; then
if [[ "<<parameters.os>>" == "alpine" && "<<parameters.install-alpine-dependencies>>" == "true" ]]; then
apk add -q --no-progress --no-cache curl wget libstdc++ sudo
fi
curl -s https://api.github.com/repos/snyk/snyk/releases/latest | grep "browser_download_url" | grep <<parameters.os>> | cut -d '"' -f 4 | xargs wget -q
curl -s https://api.github.com/repos/snyk/snyk/releases/latest | grep "browser_download_url" | grep <<parameters.os>> | cut -d '"' -f 4 | xargs -n 1 curl -LO
sha256sum -c snyk-<<parameters.os>>.sha256
sudo mv snyk-<<parameters.os>> /usr/local/bin/snyk
sudo chmod +x /usr/local/bin/snyk
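Review bot: the new download line `... | xargs -n 1 curl -LO` should pass `-f` (`--fail`) and `-sS` to curl; without `-f`, an HTTP error from the release host is saved as a file named `snyk-<<parameters.os>>` with exit status 0, and the failure only surfaces two lines later at `sha256sum -c` as a checksum mismatch, which reads like tampering rather than a download problem. With `-f` the bad invocation exits non-zero (xargs then returns 123) and the step stops at the download. A second point: the binary and its `.sha256` file are both taken from `releases/latest`, so the check detects corruption in transit but not a changed release; pinning the release tag in the API URL instead of `latest` would make builds reproducible and let the expected checksum be reviewed with the version bump.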
Expand All @@ -85,7 +85,7 @@ steps:
- run:
name: "Run Snyk test to scan app for vulnerabilities"
command: >
snyk test
snyk test
<<#parameters.docker-image-name>>--docker <<parameters.docker-image-name>><</parameters.docker-image-name>>
<<#parameters.severity-threshold>>--severity-threshold=<<parameters.severity-threshold>><</parameters.severity-threshold>>
<<#parameters.organization>>--org=<<parameters.organization>><</parameters.organization>>
Expand All @@ -99,7 +99,7 @@ steps:
- run:
name: "Run Snyk monitor for continuous monitoring on snyk.io"
command: >
snyk monitor
snyk monitor
<<#parameters.docker-image-name>>--docker <<parameters.docker-image-name>><</parameters.docker-image-name>>
<<#parameters.project>>--project-name=<<parameters.project>><</parameters.project>>
<<#parameters.organization>>--org=<<parameters.organization>><</parameters.organization>>