This repository has been archived by the owner on Nov 12, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
Operations
Jesse Houwing edited this page Nov 29, 2016
·
2 revisions
The snyk task can be configured to run Test, Protect and Monitor as part of your build workflow.
-
Project Folder - Path to the folder containing your
package.json
. Note: Your node modules must be installed prior to calling snyk. If your repository contains multiple modules, you can append/*
to scan all projects directly under the specified folder. -
Protect - Apply your existing
.snyk
policy and update/patch any known vulnerabilities. (requires an API token) - Test - Scan for new vulnerabilities.
- Monitor - Register your project with Snyk.io to receive updates about new vulnerabilites. (requires an API token)
-
Only monitor for these branches - If you've setup one build for multiple branches, you can setup a branch filter to include/exclude certain branched. E.g. use
master
to only publish builds that were made from master, orreleases/*
for all builds in a release folder. Value is matched againstBuild.SourceBranchName
.
- Authentication Type
- None - Don't authenticate to Snyk.io. This will limit your available actions to Test.
- Service Endpoint - Recommended Store your API token in a Service Endpoint. This is the most convenient and secure method.
- Input - Provide the API token through a task-input. Only use if you cannot use a Service Endpoint. It's recommended to store the API Token as a build variable and set it to Secret.
- Fail Build - Will fail the build if Test results in detected vulnerabilities. Will log Partially Succeeded otherwise.
- Include Development Dependencies - Include your development dependencies as part of the scan.
- Trust Policies - Applies and uses ignore rules from your dependencies's Snyk policies, otherwise ignore policies are only shown as a suggestion.
- Organization - Include devDependencies (defaults to production only).
-
Additional Arguments - Pass any additional arguments when calling snyk (e.g.
--debug
). - Snyk location
- Built-in - Use the version that's packaged with the extension.
- Upgrade Snyk - Will try to update the built-in snyk version to the latest version.
- System - Use the that's available in the systems path environment variable.
- Path - Use the exact path provided as part of the task configuration.
-
Path to Snyk - Provide the full path to where
snyk.cmd
(win) orsnyk
(mac/linux) is located.
- Home
- Provide feedback or log issues
- How-to's
- Getting started
- Setup Snyk.io Endpoint
- Install on TFS 2015
- Operations
- Protect
- Test
- Monitor