mirror of
https://github.com/fluxcd/flux2.git
synced 2026-02-09 01:07:27 +00:00
Snyk GitHub Action added
Signed-off-by: Ihor Dvoretskyi <ihor@linux.com>
This commit is contained in:
Ihor Dvoretskyi
parent
12f22ddeba
commit
28d606cb0e
1 changed files with 15 additions and 0 deletions
15
.github/workflows/snyk.yaml
vendored
Normal file
15
.github/workflows/snyk.yaml
vendored
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
name: Snyk
|
||||
on: [push]
|
||||
jobs:
|
||||
security:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
- name: Run Snyk to check for vulnerabilities
|
||||
uses: snyk/actions/golang@master
|
||||
env:
|
||||
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||
- name: Upload result to GitHub Code Scanning
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: snyk.sarif
|
||||
Loading…
Reference in a new issue