Try use snyk for scanning

airenas · Mar 28, 2022 · 3935c4d · 3935c4d
1 parent 5f13335
commit 3935c4d
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 4 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -39,10 +39,21 @@ jobs:
       run: make test/lint
 
     - name: Build docker
-      run: make docker/build
+      run: make docker/build version=latest
 
-    - name: Scan docker
-      run: make docker/scan   
+    - name: Run Snyk to check Docker image for vulnerabilities
+      continue-on-error: true
+      uses: snyk/actions/docker@master
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        image: airenas/audio-convert-service:latest
+        args: --file=Dockerfile
+
+    - name: Upload snyk result to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: snyk.sarif    
 
     - name: Calc coverage
       run: |

diff --git a/version b/version
@@ -1,2 +1,2 @@
 commit_count=$(shell git rev-list --count HEAD)
-version=0.2.$(commit_count)
+version?=0.2.$(commit_count)