snyk-labs · smankah · Dec 21, 2021 · Dec 21, 2021 · Dec 21, 2021 · Dec 21, 2021
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -0,0 +1,12 @@
+version: '2.1'
+orbs:
+  snyk: snyk/[email protected]
+jobs:
+  build:
+    docker:
+      - image: 'cimg/node:lts'
+    steps:
+      - checkout
+      - run: npm ci
+      - snyk/scan
+workflows: null
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,21 @@
+name: Example workflow using Snyk
+on: push
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for critical vulnerabilities
+        uses: snyk/actions/node@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: --severity-threshold=high --json-file-output=results.json
+      - name: Count number of resulting vulnerabilities
+        run: |
+          echo "VULNS=$(cat results.json | jq '.vulnerabilities[].severity' | wc -l)" >> $GITHUB_ENV
+      - name: Fail if total number greater than 5
+        if: env.VULNS > 5
+        run: |
+          exit 1
diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
@@ -0,0 +1,16 @@
+# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+
+name: NodeJS-goof action
+on: push
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        continue-on-error: true
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
diff --git a/buildspec.yml b/buildspec.yml
@@ -0,0 +1,31 @@
+version: 0.2
+
+env:
+  parameter-store:
+    # Requires that you have a secure string in AWS Systems Manager Parameter Store
+    # called "snykAuthToken" with your Snyk token.
+    SNYK_TOKEN: "SNYK_TOKEN"
+
+phases:
+  install:
+    commands:
+      - npm install -g snyk
+      - npm install -i snyk-to-html
+
+  build:
+    commands:
+      - npm install
+      - snyk monitor --org=2c6bced9-e2d6-456e-af56-28b893bdd358
+      - snyk code test
+
+
+#artifacts:
+#files:
+# - location
+# - location
+#name: $(date +%Y-%m-%d)
+#discard-paths: yes
+#base-directory: location
+#cache:
+#paths:
+# - paths