Skip to content

WIP publish docker

WIP publish docker #1

Workflow file for this run

name: Snyk Security Scan Workflow
on:
# pull_request:
# branches: ["dev"]
push:
branches:
- dev
permissions:
contents: read
jobs:
snyk:
name: Snyk Security Scan Job
permissions:
security-events: write
packages: read
contents: read
actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4
with:
fetch-depth: 0
lfs: true
- name: Set up Snyk CLI to check for security issues
uses: snyk/actions/setup@d406fd286b663eb8c6f8adcced4f7bcd199c0a3f
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: login to snyk
run: snyk auth ${{ secrets.SNYK_TOKEN }}
- name: Snyk Code test
run: snyk code test --sarif > snyk-code.sarif || true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3
with:
sarif_file: snyk-code.sarif