Merge pull request #235 from redhat-appstudio/snyk-doc

Clean up the top of the secrets how-to-guide
redhat-appstudio · Feb 7, 2024 · 0730f0b · 0730f0b
2 parents 0c7b6db + 772da22
commit 0730f0b
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/...ges/how-to-guides/configuring-builds/proc_creating-secrets-for-your-builds.adoc b/...ges/how-to-guides/configuring-builds/proc_creating-secrets-for-your-builds.adoc
@@ -1,6 +1,8 @@
 = Creating secrets for your builds 
 
-When you build your application, create secrets to ensure the `sast_snyk_task` works. The `sast_snyk_task` analyzes your source code to find vulnerabilities. The `sast_synk_task` secret defines parameters for your build pipeline. Add these `sast_snyk_task` secrets to your build pipeline to ultimately help build and deploy your application. 
+When you building your pipelines, you might want to add tasks that require *secrets* in order to access external resources.
+
+NOTE: One such task is the link:https://github.com/redhat-appstudio/build-definitions/tree/main/task/sast-snyk-check[sast-snyk-check] task that that uses the third-party service link:https://snyk.io/[snyk] to perform static application security testing (SAST) as a part of the default {ProductName} pipeline. Use this procedure to upload your snyk.io token. Name the secret `sast_snyk_task` so that the snyk task in the {ProductName} pipeline will recognize it and use it.
 
 .Procedure