Skip to content

Commit

Permalink
Don't use dot name for snyk policy file
Browse files Browse the repository at this point in the history
  • Loading branch information
@JonJagger
JonJagger committed Feb 28, 2024
1 parent 2b2eb43 commit c304bfb
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 3 deletions.
1 change: 0 additions & 1 deletion .snyk
View file

This file was deleted.

4 changes: 2 additions & 2 deletions sh/kosli.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ kosli_attest_snyk()
--artifact-type=docker \
--host="${hostname}" \
--api-token="${api_token}" \
--attachments="$(repo_root)/.snyk" \
--attachments="$(repo_root)/snyk.policy" \
--name=nginx.snyk-scan \
--scan-results="$(repo_root)/snyk.json"
}
Expand Down Expand Up @@ -95,7 +95,7 @@ on_ci_kosli_attest_snyk_scan_evidence()
set +e
snyk container test "$(artifact_name)" \
--file="$(repo_root)/Dockerfile" \
--policy-path="$(repo_root)/.snyk" \
--policy-path="$(repo_root)/snyk.policy" \
--sarif \
--sarif-file-output=snyk.json \
--severity-threshold=medium
Expand Down
3 changes: 3 additions & 0 deletions snyk.policy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# This file specifies snyk vulnerabilities to be ignored.
# If this file contains only comments, then no vulnerabilities are ignored
# but do not delete this file - it is needed for the live-snyk-scans repo workflows.

0 comments on commit c304bfb

Please sign in to comment.