Skip to content

Develop

Develop #2

Workflow file for this run

name: Snyk Full Platform
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
snyk-os:
environment: snyk
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Use Node.js
uses: actions/setup-node@v1
with:
node-version: 18.4
- uses: snyk/actions/setup@master
- name: Snyk OS Test
run: |
npm install snyk
snyk test
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
continue-on-error: true
- name: Monitor dependencies for security issues with Snyk
run: snyk monitor
env:
SNYK_TOKEN: ${{secrets.SNYK_TOKEN}}
snyk-code:
environment: snyk
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: snyk/actions/setup@master
- name: Snyk Code Test
continue-on-error: true
run: snyk code test
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
snyk-container:
environment: snyk
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Build the Docker image
run: docker build . --file Dockerfile --tag boosef-juiceshop:latest
- name: Scan and Monitor Docker Vulnerabilities
uses: snyk/actions/docker@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: boosef-juiceshop:latest
command: monitor
snyk-iac:
environment: snyk
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run and monitor Snyk to check configuration files for security issues
continue-on-error: true
uses: snyk/actions/iac@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --report