From d7657890da7d878a7347a522ddbf8213017a26a1 Mon Sep 17 00:00:00 2001 From: Ahsan Habib Date: Wed, 15 May 2024 15:59:47 +0300 Subject: [PATCH] Create main.yml --- .github/workflows/main.yml | 50 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 000000000..26e5763a7 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,50 @@ +name: Snyk SCA, Code, IaC and Container CLI monitor example + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + build: + name: Test and build + environment: snyk-npm + runs-on: ubuntu-latest + +strategy: + matrix: + node-version: [16.x] + + # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ + +steps: + - uses: actions/checkout@v2 + - name: Use Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v2 + with: + node-version: ${{ matrix.node-version }} + cache: 'npm' + + - name: Setup Snyk + snyk-to-html # For information about the required commands for generating an HTML report see https://github.com/snyk/snyk-to-html + run: | + npm install snyk -g + npm install snyk-to-html -g + snyk config set endpoint=https://app.eu.snyk.io/api + snyk auth ${{secrets.SECRETS_TEST_SNYK_AUTH}} + + - name: Snyk Open Source # For testing and failing please add snyk test before snyk monitor + run: | + snyk monitor +# For a list of additional available flags/options see: https://docs.snyk.io/snyk-cli/commands + + - name: Snyk Code # Remove || true to fail if there are vulnerabilities + run: | + snyk code test || true + - name: Snyk Container # Rename your image, for testing and failing please add snyk container test before snyk container monitor + run: | + docker build . -t yourimage:tag + snyk container monitor yourimage:tag --file=Dockerfile + - name: Snyk IaC # Remove || true to fail if there are vulnerabilities + run: | + snyk iac test || true