1- name : Example workflow for Maven using Snyk
2- on : push
1+ name : Snyk CLI Scans
2+
3+ on :
4+ push :
5+ branches : [ main ]
6+ # pull_request:
7+ # branches: [ main ]
8+ #
9+
310jobs :
4- security :
11+ snyk-pipeline :
512 runs-on : ubuntu-latest
6- steps :
7- - uses : actions/checkout@master
8- - name : Run Snyk to check for vulnerabilities
9- uses : snyk/actions/maven@master
10- env :
11- SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
13+ name : Snyk CLI Scans
14+ env :
15+ SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
16+ steps :
17+ - uses : actions/checkout@v2
18+ - name : Download Snyk
19+ run : |
20+ wget -O snyk https://static.snyk.io/cli/latest/snyk-linux
21+ chmod +x ./snyk
22+ mv ./snyk /usr/local/bin/
23+
24+ - name : Authenticate Snyk
25+ run : snyk auth ${SNYK_TOKEN}
26+
27+ - name : Run Snyk Code
28+ run : snyk code test --sarif-file-output=snyk_sast_results.json
29+ continue-on-error : true
30+
31+ - name : Upload SARIF file
32+ uses : github/codeql-action/upload-sarif@v3
33+ with :
34+ sarif_file : snyk_sast_results.json
35+
36+ - name : Install packages
37+ run : npm install --loglevel=error
38+
39+ - name : Run Snyk Test
40+ run : snyk test --all-projects
41+ continue-on-error : true
42+
43+ - name : Run Snyk Monitor
44+ run : snyk monitor --all-projects
45+ continue-on-error : true
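Review bot: The job-level `env` (new lines 14-15) hands `SNYK_TOKEN` to every step, including `npm install` at line 37, where dependency install scripts run with it in their environment; set the token with a step-level `env:` on the Snyk steps only. The Download step (lines 18-22) fetches the `latest` CLI binary and executes it with no integrity check, so pin a release and verify its SHA-256 before `chmod +x`, as sketched below with placeholder values. `snyk auth ${SNYK_TOKEN}` at line 25 looks redundant, since the CLI reads `SNYK_TOKEN` from the environment, and it puts the secret on a command line. `actions/checkout@v2` and `github/codeql-action/upload-sarif@v3` are mutable tags, so pinning both to full commit SHAs would serve the same goal.

```yaml
      - name: Download Snyk
        env:
          # Placeholders: fill in from the release you choose to pin.
          SNYK_CLI_VERSION: PINNED_VERSION_PLACEHOLDER
          SNYK_CLI_SHA256: EXPECTED_SHA256_PLACEHOLDER
        run: |
          wget -O snyk "https://static.snyk.io/cli/${SNYK_CLI_VERSION}/snyk-linux"
          # Fail the step before the binary is made executable if the digest differs.
          echo "${SNYK_CLI_SHA256}  snyk" | sha256sum --check -
          # … unchanged: chmod +x and mv into /usr/local/bin …
```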