Merge pull request #4669 from fluxcd/backport-4657-to-release/v2.2.x

[release/v2.2.x] ci: Include all go modules in snyk testing
10 months ago · da2daa5277
parent 90bcea6d13 888d8116b2
commit da2daa5277
1 changed files with 2 additions and 1 deletions
--- a/.github/workflows/scan.yaml
+++ b/.github/workflows/scan.yaml
@ -49,10 +49,11 @@ jobs:
      - name:  Run Snyk to check for vulnerabilities
        continue-on-error: true
        run: |
-          snyk test --sarif-file-output=snyk.sarif
+          snyk test --all-projects --sarif-file-output=snyk.sarif
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      - name: Upload result to GitHub Code Scanning
        continue-on-error: true
        uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
        with:
          sarif_file: snyk.sarif