From ee075168abf4e03576d47d24e316b6c58d865bce Mon Sep 17 00:00:00 2001 From: Simon Liu Date: Wed, 29 May 2024 10:39:03 -0700 Subject: [PATCH] add snyk step to workflows --- .github/workflows/build.yml | 44 ++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fcfb9a5..b8b194e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -200,29 +200,27 @@ jobs: ######################################################################### # Snyk ######################################################################### - # First run snyk as a blocking step - # - name: Run Snyk as a blocking step - # uses: snyk/actions/python-3.8@master - # env: - # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - # with: - # command: test - # args: > - # --org=${{ secrets.SNYK_ORG_ID }} - # --project-name=${{ github.repository }} - # --severity-threshold=high - # --fail-on=all - - # Next run snyk to report the findings to snyk - # - name: Run Snyk on Python - # uses: snyk/actions/python-3.8@master - # env: - # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - # with: - # command: monitor - # args: > - # --org=${{ secrets.SNYK_ORG_ID }} - # --project-name=${{ github.repository }} + - name: Run Snyk as a blocking step + uses: snyk/actions/python@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + command: test + args: > + --org=${{ secrets.SNYK_ORG_ID }} + --project-name=${{ github.repository }} + --severity-threshold=high + --fail-on=all + + - name: Run Snyk on Python + uses: snyk/actions/python@master + env: + SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + command: monitor + args: > + --org=${{ secrets.SNYK_ORG_ID }} + --project-name=${{ github.repository }} ######################################################################### # Test