Skip to content

fix: Dockerfile to reduce vulnerabilities #208

fix: Dockerfile to reduce vulnerabilities

fix: Dockerfile to reduce vulnerabilities #208

name: Snyk Container and GitHub Security example
on: push
jobs:
snyk:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Build an image
run: docker build . -t some-secure-image
- name: Run Snyk to check image for vulnerabilities
continue-on-error: true
uses: snyk/actions/docker@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_SECRET }}
with:
image: some-secure-image
args: --file=Dockerfile
- uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: snyk.sarif