From 2629d73fc761ab7916a5b7ee1bf6ad748a6ef553 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Tue, 17 Jan 2023 21:25:19 +0100 Subject: [PATCH 01/16] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4bd6e2d..14c38bc 100644 --- a/README.md +++ b/README.md @@ -232,7 +232,7 @@ docker run \ musicservice:dev ``` -6. 🎉 Create a branch and make your changes. When committing changes please use [Gitmoji](https://gitmoji.dev/) and [close the corresponding issue with "fixed"](https://github.com/gitbucket/gitbucket/wiki/How-to-Close-Reference-issues-and-pull-request) and the number of the issue `git commit -m ":bug: fixed #21 Your commit message"` +6. 🎉 Use the develop branch and commit your feature to a new branch. When committing changes please use [Gitmoji](https://gitmoji.dev/) and [close the corresponding issue with "fixed"](https://github.com/gitbucket/gitbucket/wiki/How-to-Close-Reference-issues-and-pull-request) and the number of the issue `git commit -m ":bug: fixed #21 Your commit message"` 7. ⬆ Create a [pull request](https://github.com/thijstakken/MusicService/pulls) 8. 🚀 Wait for it to be reviewed and merged! From 970c0f8639e60a98ce21073c0cff353365c1d49b Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Mon, 17 Jul 2023 20:38:51 +0200 Subject: [PATCH 02/16] :bug: fixed #36 upgrade to YT-DLP --- main.py | 7 ++++--- requirements.txt | 3 ++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/main.py b/main.py index 41a0a99..1c0f25f 100644 --- a/main.py +++ b/main.py @@ -1,6 +1,6 @@ from __future__ import unicode_literals from re import L -import youtube_dl +from yt_dlp import YoutubeDL import shutil import requests import os @@ -28,6 +28,7 @@ def my_hook(d): # Configure YouTube DL options ydl_opts = { 'writethumbnail': True, + 'no_write_playlist_metafiles': True, # do not save playlist data, like playlist .png 'format': 'bestaudio[asr<=44100]/best[asr<=44100]/bestaudio', # using asr 44100 as max, this mitigates exotic compatibility issues with certain mediaplayers, and allow bestaudio as a fallback for direct mp3s 'postprocessors': [{ 'key': 'FFmpegExtractAudio', # use FFMPEG and only save audio @@ -42,7 +43,7 @@ def my_hook(d): 'simulate': False, # to dry test the YT-DL, if set to True, it will skip the downloading. Can be True/False 'cachedir': False, # turn off caching, this should mitigate 403 errors which are commonly seen when downloading from Youtube 'download_archive': './config/downloaded', # this will update the downloads file which serves as a database/archive for which songs have already been downloaded, so it don't downloads them again - 'nocheckcertificate': True, # mitigates YT-DL bug where it wrongly examins the server certificate, so therefore, ignore invalid certificates for now, to mitigate this bug + 'nocheckcertificates': True, # mitigates YT-DL bug where it wrongly examins the server certificate, so therefore, ignore invalid certificates for now, to mitigate this bug } # reads and saves playlist URL's in a list @@ -53,7 +54,7 @@ def getPlaylistURLs(): # downloads the playlists with the specified options in ydl_opts def downloadPlaylists(ydl_opts, lines): - with youtube_dl.YoutubeDL(ydl_opts) as ydl: + with YoutubeDL(ydl_opts) as ydl: ydl.download(lines) # creates directories in the cloud based on the local directory structure diff --git a/requirements.txt b/requirements.txt index ff0c3aa..4490e28 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ -youtube_dl==2021.12.17 +#youtube_dl==2021.12.17 +yt-dlp==2023.7.6 python-dotenv #os requests From 4d1e44bb1684466b09bd91e1692e3651bb4827f8 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Tue, 18 Jul 2023 09:26:53 +0200 Subject: [PATCH 03/16] :memo: Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 14c38bc..a82bf79 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ **A tool that synchronizes your YouTube playlists and other music providers with your Cloud Storage like Nextcloud as MP3s.** ### What does it do? ✨ -- 🎵 Downloads your music from YouTube, SoundCloud [and many more](http://ytdl-org.github.io/youtube-dl/supportedsites.html) +- 🎵 Downloads your music from YouTube, SoundCloud [and many more](https://github.com/yt-dlp/yt-dlp/blob/master/supportedsites.md) - 😁 Automatically monitors your playlists for newly added music - 🔄 Converts video files to the highest quality MP3 possible -  ☁  Uploads your music as MP3 to your Cloud Storage account. Supports all Cloud providers with WebDAV compatibility: Nextcloud, ownCloud, pCloud, STACK [and many more](https://community.cryptomator.org/t/webdav-urls-of-common-cloud-storage-services/75) @@ -209,7 +209,7 @@ Feel free to contribute, you can [submit issues here](https://github.com/thijsta ### Developer instructions 👩🏻‍💻👨🏻‍💻 System requirements: Have [Docker (Desktop or Engine)](https://www.docker.com/) installed on your system
-Techniques: [Python](https://www.python.org/), [Docker](https://www.docker.com/), [youtube-dl](https://youtube-dl.org/) and [WebDAV](http://www.webdav.org/) +Techniques: [Python](https://www.python.org/), [Docker](https://www.docker.com/), [YT-DLP](https://github.com/yt-dlp/yt-dlp) and [WebDAV](http://www.webdav.org/) 1. 🤠 Git clone the project with `git clone https://github.com/thijstakken/MusicService.git` 2. 🐛 [Pick a issue from the list or create a new issue and use that one](https://github.com/thijstakken/MusicService/issues) From 16f6164868b3e9d8a5a5aae9d4319e90f7445b8d Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Tue, 18 Jul 2023 11:15:06 +0200 Subject: [PATCH 04/16] Create dependabot.yml --- .github/dependabot.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..e2a8a66 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "pip" # See documentation for possible values + directory: "/requirements.txt" # Location of package manifests + schedule: + interval: "weekly" From 99531f77125b13541c8bec7155146cbc94046a54 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 26 Aug 2023 20:09:14 +0200 Subject: [PATCH 05/16] Update dependabot.yml --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index e2a8a66..91abb11 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -6,6 +6,6 @@ version: 2 updates: - package-ecosystem: "pip" # See documentation for possible values - directory: "/requirements.txt" # Location of package manifests + directory: "/" # Location of package manifests schedule: interval: "weekly" From aa79e13fce3de5a3b09e3f84069b69ab9bb2f724 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Wed, 25 Oct 2023 19:05:17 +0200 Subject: [PATCH 06/16] Update requirements.txt upgrade yt-dlp dependency --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 4490e28..0eafd39 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,6 +1,6 @@ #youtube_dl==2021.12.17 -yt-dlp==2023.7.6 +yt-dlp==2023.10.13 python-dotenv #os requests -pyparsing \ No newline at end of file +pyparsing From 031c9e709ab380b266c4126087fb92e4b1a9d293 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:00:28 +0200 Subject: [PATCH 07/16] Update snyk-container.yml --- .github/workflows/snyk-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index db2b674..94fe5bf 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -40,7 +40,7 @@ jobs: # Snyk can be used to break the build when it detects vulnerabilities. # In this case we want to upload the issues to GitHub Code Scanning continue-on-error: true - uses: snyk/actions/docker@14818c4695ecc4045f33c9cee9e795a788711ca4 + uses: snyk/actions/docker@master env: # In order to use the Snyk Action you will need to have a Snyk API token. # More details in https://github.com/snyk/actions#getting-your-snyk-token From 71b936c8ca1cc79547cf07cf10be3e1e8da5da98 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:08:52 +0200 Subject: [PATCH 08/16] Update snyk-container.yml --- .github/workflows/snyk-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index 94fe5bf..68bad9a 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -35,7 +35,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Build a Docker image - run: docker build -t your/image-to-test . + run: docker build -t https://github.com/thijstakken/MusicService/tree/main . - name: Run Snyk to check Docker image for vulnerabilities # Snyk can be used to break the build when it detects vulnerabilities. # In this case we want to upload the issues to GitHub Code Scanning From ce361e2953baec82151dfb2d93b7ca5a43a3dcbe Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:13:34 +0200 Subject: [PATCH 09/16] Update snyk-container.yml --- .github/workflows/snyk-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index 68bad9a..6163b1b 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -50,6 +50,6 @@ jobs: image: your/image-to-test args: --file=Dockerfile - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: snyk.sarif From 0d24bcfe1f2561562506dac5ac38023adfe75498 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:19:30 +0200 Subject: [PATCH 10/16] Update snyk-container.yml --- .github/workflows/snyk-container.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index 6163b1b..9143412 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -21,6 +21,8 @@ on: branches: [ "main" ] schedule: - cron: '41 2 * * 6' + workflow_run: + permissions: contents: read From 3bd9bbd9eaeb810e65edb298c84ca119f8ac1fd6 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:21:28 +0200 Subject: [PATCH 11/16] Revert "Update snyk-container.yml" --- .github/workflows/snyk-container.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index 9143412..6163b1b 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -21,8 +21,6 @@ on: branches: [ "main" ] schedule: - cron: '41 2 * * 6' - workflow_run: - permissions: contents: read From d58b20b6906e931103ba220a3635745095a7a7c7 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:24:54 +0200 Subject: [PATCH 12/16] Update snyk-container.yml --- .github/workflows/snyk-container.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index 6163b1b..8015802 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -20,7 +20,7 @@ on: # The branches below must be a subset of the branches above branches: [ "main" ] schedule: - - cron: '41 2 * * 6' + - cron: '41 2 * * 0' permissions: contents: read From 4ad1fd18f05a3f16224b9421b0785e639c5cb722 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:44:23 +0200 Subject: [PATCH 13/16] Delete .github/workflows/snyk-container.yml --- .github/workflows/snyk-container.yml | 55 ---------------------------- 1 file changed, 55 deletions(-) delete mode 100644 .github/workflows/snyk-container.yml diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml deleted file mode 100644 index 8015802..0000000 --- a/.github/workflows/snyk-container.yml +++ /dev/null @@ -1,55 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# A sample workflow which checks out the code, builds a container -# image using Docker and scans that image for vulnerabilities using -# Snyk. The results are then uploaded to GitHub Security Code Scanning -# -# For more examples, including how to limit scans to only high-severity -# issues, monitor images for newly disclosed vulnerabilities in Snyk and -# fail PR checks for new vulnerabilities, see https://github.com/snyk/actions/ - -name: Snyk Container - -on: - push: - branches: [ "main" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '41 2 * * 0' - -permissions: - contents: read - -jobs: - snyk: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - - name: Build a Docker image - run: docker build -t https://github.com/thijstakken/MusicService/tree/main . - - name: Run Snyk to check Docker image for vulnerabilities - # Snyk can be used to break the build when it detects vulnerabilities. - # In this case we want to upload the issues to GitHub Code Scanning - continue-on-error: true - uses: snyk/actions/docker@master - env: - # In order to use the Snyk Action you will need to have a Snyk API token. - # More details in https://github.com/snyk/actions#getting-your-snyk-token - # or you can signup for free at https://snyk.io/login - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - image: your/image-to-test - args: --file=Dockerfile - - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: snyk.sarif From fac63f5ae8b05b785cd7e885c3362c0025b91b38 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:45:47 +0200 Subject: [PATCH 14/16] Create snyk-security.yml --- .github/workflows/snyk-security.yml | 81 +++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 .github/workflows/snyk-security.yml diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml new file mode 100644 index 0000000..e902a83 --- /dev/null +++ b/.github/workflows/snyk-security.yml @@ -0,0 +1,81 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +# A sample workflow which sets up Snyk to analyze the full Snyk platform (Snyk Open Source, Snyk Code, +# Snyk Container and Snyk Infrastructure as Code) +# The setup installs the Snyk CLI - for more details on the possible commands +# check https://docs.snyk.io/snyk-cli/cli-reference +# The results of Snyk Code are then uploaded to GitHub Security Code Scanning +# +# In order to use the Snyk Action you will need to have a Snyk API token. +# More details in https://github.com/snyk/actions#getting-your-snyk-token +# or you can signup for free at https://snyk.io/login +# +# For more examples, including how to limit scans to only high-severity issues +# and fail PR checks, see https://github.com/snyk/actions/ + +name: Snyk Security + +on: + push: + branches: ["develop", "main"] + pull_request: + branches: ["develop"] + schedule: + - cron: '41 2 * * 6' + +permissions: + contents: read + +jobs: + snyk: + permissions: + contents: read # for actions/checkout to fetch code + security-events: write # for github/codeql-action/upload-sarif to upload SARIF results + actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Snyk CLI to check for security issues + # Snyk can be used to break the build when it detects security issues. + # In this case we want to upload the SAST issues to GitHub Code Scanning + uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb + + # For Snyk Open Source you must first set up the development environment for your application's dependencies + # For example for Node + #- uses: actions/setup-node@v3 + # with: + # node-version: 16 + + env: + # This is where you will need to introduce the Snyk API token created with your Snyk account + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + + # Runs Snyk Code (SAST) analysis and uploads result into GitHub. + # Use || true to not fail the pipeline + - name: Snyk Code test + run: snyk code test --sarif > snyk-code.sarif # || true + + # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk. + - name: Snyk Open Source monitor + run: snyk monitor --all-projects + + # Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk. + # Use || true to not fail the pipeline. + - name: Snyk IaC test and report + run: snyk iac test --report # || true + + # Build the docker image for testing + - name: Build a Docker image + run: docker build -t your/image-to-test . + # Runs Snyk Container (Container and SCA) analysis and uploads result to Snyk. + - name: Snyk Container monitor + run: snyk container monitor your/image-to-test --file=Dockerfile + + # Push the Snyk Code results into GitHub Code Scanning tab + - name: Upload result to GitHub Code Scanning + uses: github/codeql-action/upload-sarif@v2 + with: + sarif_file: snyk-code.sarif From eecd175484f6662010f44a5b34506f366dbd2d2b Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:49:08 +0200 Subject: [PATCH 15/16] Update snyk-security.yml --- .github/workflows/snyk-security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml index e902a83..eee6ba6 100644 --- a/.github/workflows/snyk-security.yml +++ b/.github/workflows/snyk-security.yml @@ -56,7 +56,7 @@ jobs: # Runs Snyk Code (SAST) analysis and uploads result into GitHub. # Use || true to not fail the pipeline - name: Snyk Code test - run: snyk code test --sarif > snyk-code.sarif # || true + run: snyk code test --sarif > snyk-code.sarif || true # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk. - name: Snyk Open Source monitor From a8ebde2a51ddaa4f4c634bbea796c674c41f2273 Mon Sep 17 00:00:00 2001 From: Thijs Takken <23289714+thijstakken@users.noreply.github.com> Date: Sat, 1 Jun 2024 16:51:41 +0200 Subject: [PATCH 16/16] Delete .github/workflows/snyk-security.yml --- .github/workflows/snyk-security.yml | 81 ----------------------------- 1 file changed, 81 deletions(-) delete mode 100644 .github/workflows/snyk-security.yml diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml deleted file mode 100644 index eee6ba6..0000000 --- a/.github/workflows/snyk-security.yml +++ /dev/null @@ -1,81 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# A sample workflow which sets up Snyk to analyze the full Snyk platform (Snyk Open Source, Snyk Code, -# Snyk Container and Snyk Infrastructure as Code) -# The setup installs the Snyk CLI - for more details on the possible commands -# check https://docs.snyk.io/snyk-cli/cli-reference -# The results of Snyk Code are then uploaded to GitHub Security Code Scanning -# -# In order to use the Snyk Action you will need to have a Snyk API token. -# More details in https://github.com/snyk/actions#getting-your-snyk-token -# or you can signup for free at https://snyk.io/login -# -# For more examples, including how to limit scans to only high-severity issues -# and fail PR checks, see https://github.com/snyk/actions/ - -name: Snyk Security - -on: - push: - branches: ["develop", "main"] - pull_request: - branches: ["develop"] - schedule: - - cron: '41 2 * * 6' - -permissions: - contents: read - -jobs: - snyk: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Snyk CLI to check for security issues - # Snyk can be used to break the build when it detects security issues. - # In this case we want to upload the SAST issues to GitHub Code Scanning - uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb - - # For Snyk Open Source you must first set up the development environment for your application's dependencies - # For example for Node - #- uses: actions/setup-node@v3 - # with: - # node-version: 16 - - env: - # This is where you will need to introduce the Snyk API token created with your Snyk account - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - - # Runs Snyk Code (SAST) analysis and uploads result into GitHub. - # Use || true to not fail the pipeline - - name: Snyk Code test - run: snyk code test --sarif > snyk-code.sarif || true - - # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk. - - name: Snyk Open Source monitor - run: snyk monitor --all-projects - - # Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk. - # Use || true to not fail the pipeline. - - name: Snyk IaC test and report - run: snyk iac test --report # || true - - # Build the docker image for testing - - name: Build a Docker image - run: docker build -t your/image-to-test . - # Runs Snyk Container (Container and SCA) analysis and uploads result to Snyk. - - name: Snyk Container monitor - run: snyk container monitor your/image-to-test --file=Dockerfile - - # Push the Snyk Code results into GitHub Code Scanning tab - - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: snyk-code.sarif