Snyk GitHub Action added

Signed-off-by: Ihor Dvoretskyi <ihor@linux.com>
2026-02-13 21:16:57 +00:00 · 2021-02-16 22:07:31 +02:00
parent 12f22ddeba
commit 28d606cb0e
1 changed files with 15 additions and 0 deletions
--- a/.github/workflows/snyk.yaml
+++ b/.github/workflows/snyk.yaml
@@ -0,0 +1,15 @@
+name: Snyk 
+on: [push]
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@master
+    - name: Run Snyk to check for vulnerabilities
+      uses: snyk/actions/golang@master
+      env:
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+    - name: Upload result to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+      sarif_file: snyk.sarif