Docker #2
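# Snyk Open Source dependency scan for pull requests and merge-queue checks.
name: Snyk Open Source Scans

# One run per ref: a newer push cancels the scan that is still in flight.
concurrency:
  group: snyk-opensource-actions-${{ github.ref }}
  cancel-in-progress: true

on:
  merge_group:
    types: [checks_requested]
  pull_request:
    types: [opened, synchronize, reopened, ready_for_review]

# Least privilege for GITHUB_TOKEN: the job only reads the repository.
permissions:
  contents: read

jobs:
  snyk-opensource-pipeline:
    runs-on: ubuntu-22.04
    name: Snyk Open Source Diff Scan
    # SNYK_TOKEN is deliberately not set at job level: the npm install steps
    # below run third-party install scripts, which would inherit it.
    steps:
      # NOTE(review): the actions below are referenced by mutable tags;
      # pin each one to a reviewed full commit SHA.

      # Step 1: Checkout base ref branch
      # github.base_ref is only populated for pull_request events; on
      # merge_group it is empty and checkout falls back to the event ref.
      - name: Checkout Base Branch
        uses: actions/checkout@v4
        with:
          ref: ${{ github.base_ref }}
          # Keep GITHUB_TOKEN out of .git/config; no later step pushes.
          persist-credentials: false

      # Step 2: Setup Python (optional for additional configurations)
      - name: Setup Python Environment
        uses: actions/setup-python@v5
        with:
          python-version: '3.10'
      # Uncomment the following lines if requirements.txt is used
      # - run: pip install -r requirements.txt

      # Step 3: Download and Setup Node.js
      - name: Setup Node.js Environment
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      # Step 4: Install Snyk CLI
      # NOTE(review): `latest` is a moving target; pin to a reviewed version
      # so a compromised or broken release is not picked up automatically.
      - name: Install Snyk CLI
        run: npm install --location=global snyk@latest

      # Step 5: Install jq
      # NOTE(review): unpinned package that fetches a binary at install time,
      # and no visible step uses jq; confirm it is needed (the runner image
      # is expected to ship jq already) or pin it.
      - name: Install jq
        run: npm install --location=global node-jq

      # Step 6: Authenticate Snyk
      # No separate `snyk auth <token>` step: the CLI reads SNYK_TOKEN from
      # the environment, which keeps the secret out of the command line.

      # Step 7: Run Snyk Open Source Scan and Diff
      # Values are passed through env rather than interpolated into the
      # script, so their content is never parsed as shell. Any further step
      # that calls Snyk needs the same env block.
      - name: Run Snyk Scan
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_GH_ACTIONS_TOKEN }}
          SNYK_ORG: ${{ vars.SNYK_ORG }}
        run: snyk test --org="$SNYK_ORG" --all-projects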