Skip to content

Update snyk-security.yml #2

Update snyk-security.yml

Update snyk-security.yml #2

Workflow file for this run

name: Run Snyk Scan -- Go
on: push
jobs:
snyk-scan-python:
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Authenticate to Google Cloud for accessing Snyk token
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: "projects/747834912006/locations/global/workloadIdentityPools/epidemicsound/providers/github"
service_account: "[email protected]"
- id: "secrets"
name: Access Snyk secret token
uses: "google-github-actions/get-secretmanager-secrets@v2"
with:
secrets: |-
token:es-platform-staging-fc6c/snyk-token-secret
- name: Setup Snyk
uses: snyk/actions/setup@master
- name: Add Snyk scan results to Snyk dashboard
run: snyk monitor -d --all-projects
continue-on-error: true
env:
SNYK_TOKEN: ${{ steps.secrets.outputs.token }}
- name: Run Snyk to check for vulnerabilities
run: snyk test --severity-threshold=critical -d --all-projects
env:
SNYK_TOKEN: ${{ steps.secrets.outputs.token }}