File tree Expand file tree Collapse file tree 3 files changed +56
-45
lines changed Expand file tree Collapse file tree 3 files changed +56
-45
lines changed Original file line number Diff line number Diff line change 1+ name : Snyk scheduled Docker image scan
2+ on :
3+ schedule :
4+ - cron : ' 0 3 * * 1'
5+ workflow_dispatch :
6+
7+ jobs :
8+ security :
9+ runs-on : ubuntu-latest
10+
11+ steps :
12+ - uses : actions/checkout@v3
13+
14+ - name : Run Snyk to check for vulnerabilities
15+ uses : snyk/actions/docker@master
16+ env :
17+ SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
18+ with :
19+ image : radarbase/radar-output-restructure
20+ args : --file=Dockerfile --org=radar-base --fail-on=upgradable --severity-threshold=high --policy-path=$PWD/.snyk
21+ json : true
22+
23+ - name : Report new vulnerabilities
24+ uses : thehyve/report-vulnerability@master
25+ if : success() || failure()
26+ with :
27+ report-file : snyk.json
28+ env :
29+ TOKEN : ${{ secrets.GITHUB_TOKEN }}
Original file line number Diff line number Diff line change 1+ name : Snyk scheduled code base scan
2+ on :
3+ schedule :
4+ - cron : ' 0 2 * * 1'
5+ workflow_dispatch :
6+
7+ jobs :
8+ security :
9+ runs-on : ubuntu-latest
10+
11+ steps :
12+ - uses : actions/checkout@v3
13+
14+ - name : Run Snyk to check for vulnerabilities
15+ uses : snyk/actions/gradle-jdk17@master
16+ env :
17+ SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
18+ with :
19+ args : --all-projects --configuration-matching='^runtimeClasspath$' --org=radar-base --fail-on=upgradable --json-file-output=snyk.json --severity-threshold=high --policy-path=$PWD/.snyk
20+
21+ - name : Report new vulnerabilities
22+ uses : thehyve/report-vulnerability@master
23+ if : success() || failure()
24+ with :
25+ report-file : snyk.json
26+ env :
27+ TOKEN : ${{ secrets.GITHUB_TOKEN }}
Load Diff This file was deleted.
You can’t perform that action at this time.
0 commit comments