Skip to content

Merge pull request #932 from guardian/update/aws #766

Merge pull request #932 from guardian/update/aws

Merge pull request #932 from guardian/update/aws #766

Workflow file for this run

# This workflow runs Snyk Monitor on every push to main.
name: Snyk
on:
push:
branches:
- main
workflow_dispatch:
jobs:
security:
runs-on: ubuntu-latest
steps:
- name: Checkout branch
uses: actions/checkout@v4
- name: Update Snyk UI with current vulnerabilities
uses: snyk/actions/[email protected]
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: monitor
args: --org=the-guardian-cuu --project-name=${{ github.repository }}
- name: Update Github Code Scanning file with current vulnerabilities
uses: snyk/actions/[email protected]
continue-on-error: true # To make sure that SARIF upload gets called
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --sarif-file-output=snyk.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif