EREGCSC-2658 -- Add filter by subject to combined search #2669
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Snyk Scan and Report | |
| on: | |
| pull_request: | |
| branches: [ main ] | |
| schedule: | |
| - cron: '0 4 * * *' | |
| permissions: | |
| id-token: write | |
| jobs: | |
| snyk_run: | |
| name: Snyk Run (for PR) | |
| runs-on: ubuntu-22.04 | |
| if: github.event_name == 'pull_request' | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Install Snyk and Run Snyk test | |
| run: | | |
| npm install -g snyk | |
| snyk test --all-projects --json > snyk_output.txt || true | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| snyk_nightly_run: | |
| name: Snyk Nightly Run (for nightly cron with JIRA) | |
| runs-on: ubuntu-22.04 | |
| if: github.event_name == 'schedule' | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v3 | |
| - name: Install Snyk and Run Snyk test | |
| run: | | |
| npm install -g snyk | |
| snyk test --all-projects --json > snyk_output.txt || true | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| - name: use the custom github action to parse Snyk output | |
| uses: Enterprise-CMCS/mac-fc-security-scan-report@v2.7.4 | |
| with: | |
| jira-token: ${{ secrets.JIRA_TOKEN}} | |
| jira-host: ${{ secrets.JIRA_HOST }} | |
| jira-project-key: 'EREGCSC' | |
| jira-issue-type: 'Bug' | |
| jira-labels: 'eRegs,snyk' | |
| jira-title-prefix: '[EREGCSC] - Snyk :' | |
| is_jira_enterprise: 'true' | |
| jira-custom-field-key-value: '{ "customfield_10100": "EREGCSC-1989" }' | |
| assign-jira-ticket-to: 'G6W5' | |
| scan-output-path: 'snyk_output.txt' | |
| scan-type: 'snyk' | |
| - name: Alert Slack On Failure | |
| if: failure() | |
| run: | | |
| curl -X POST -H 'Content-type: application/json' --data '{"text": "Failure completing scheduled Snyk Scan.","blocks":[{"type": "section","text":{"type": "mrkdwn","text": "The nightly scheduled Snyk Scan for Job: https://github.com/Enterprise-CMCS/cmcs-eregulations/actions/runs/${{ github.run_id }} has failed to complete successfully "}}]}' ${{ secrets.DEV_BOTS_SLACK_WEBHOOK }} | |