Merge pull request #98 from snyk/feat/quality-gates

feat: add prodsec/security_scans
snyk · Jun 6, 2024 · 783fe6b · 783fe6b
2 parents 8a20680 + d90e0fc
commit 783fe6b
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -1,8 +1,21 @@
 version: 2.1
 
 orbs:
-  prodsec: snyk/[email protected]
-
+  prodsec: snyk/prodsec-orb@1
+
+jobs:
+  security-scans:
+    resource_class: small
+    docker:
+      - image: cimg/openjdk:17.0
+    steps:
+      - checkout
+      - prodsec/security_scans:
+          mode: auto
+          open-source-scan-all-projects: false
+          open-source-additional-arguments: --file=pom.xml --maven-aggregate-project
+          iac-scan: disabled
+
 workflows:
   version: 2
   CICD:
@@ -12,3 +25,11 @@ workflows:
           context:
             - snyk-bot-slack
           channel: os-team-managed-alerts
+          filters:
+            branches:
+              ignore:
+                - main
+
+      - security-scans:
+          name: Security Scans
+          context: open_source-managed