-
Notifications
You must be signed in to change notification settings - Fork 9
/
python.yaml
41 lines (41 loc) · 959 Bytes
/
python.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
apiVersion: tekton.dev/v1beta1
kind: Task
metadata:
name: snyk-python
labels:
app.kubernetes.io/version: "0.1"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: test
tekton.dev/displayName: "Snyk Open Source (Python)"
spec:
description: >-
A task for testing Python applications for vulnerabilities using Snyk
workspaces:
- name: source
params:
- name: command
default: test
- name: args
type: array
default: []
- name: snyk-secret
type: string
description: name of the secret holding the Snyk API token
default: snyk
steps:
- name: snyk
workingDir: $(workspaces.source.path)
image: "snyk/snyk:python"
command:
- /usr/local/bin/docker-entrypoint.sh
args:
- snyk
- $(params.command)
- $(params.args)
env:
- name: SNYK_TOKEN
valueFrom:
secretKeyRef:
name: $(params.snyk-secret)
key: token