Skip to content
This repository has been archived by the owner on May 6, 2024. It is now read-only.

Snyk Scan

Snyk Scan #1770

Workflow file for this run

---
name: Snyk Scan
# yamllint disable-line rule:truthy
on:
# pull_request:
workflow_dispatch:
schedule:
- cron: "15 12 * * 1"
permissions: read-all
jobs:
security:
runs-on: ubuntu-latest
permissions:
# required for all workflows
security-events: write
steps:
- name: checkout code
uses: actions/checkout@v3
- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/node@master
continue-on-error: true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif
- name: Check to see if the SARIF a was generated
id: sarif_file_exists
uses: andstor/file-existence-action@v2
with:
files: "snyk.sarif"
- name: Upload the SARIF file
uses: github/codeql-action/upload-sarif@v2
if: steps.sarif_file_exists.outputs.files_exists == 'true'
with:
sarif_file: snyk.sarif