[Snyk] Upgrade unzipper from 0.9.15 to 0.12.3 #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Snyk Full Platform (CLI) | |
| # Prerequisites: | |
| # - Set a SNYK_TOKEN under env secrets in an env called "Snyk" | |
| # - If you are not running the scan on your default org in Snyk, set the org id in a secret called SNYK_ORG in the same env as above (env called "Snyk") and add an additional --org=${{ secrets.SNYK_ORG }} parameter in all the test commands | |
| on: | |
| push: | |
| branches: [ "master" ] | |
| pull_request: | |
| branches: [ "master" ] | |
| jobs: | |
| snyk-os: | |
| environment: snyk | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Install Snyk CLI | |
| run: | | |
| wget -O snyk https://static.snyk.io/cli/latest/snyk-linux | |
| chmod +x ./snyk | |
| mv ./snyk /usr/local/bin/ | |
| - name: Authenticate and run Snyk Open Source Scan + Monitor | |
| run: | | |
| npm install | |
| snyk auth ${{ secrets.SNYK_TOKEN }} | |
| snyk test | |
| snyk monitor | |
| snyk-code: | |
| environment: snyk | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Install Snyk CLI | |
| run: | | |
| wget -O snyk https://static.snyk.io/cli/latest/snyk-linux | |
| chmod +x ./snyk | |
| mv ./snyk /usr/local/bin/ | |
| - name: Configure and run Snyk Code Scan | |
| run: | | |
| snyk auth ${{ secrets.SNYK_TOKEN }} | |
| snyk code test | |
| snyk-container: | |
| environment: snyk | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Build the Docker image | |
| run: docker build . --file Dockerfile --tag boosef-juiceshop:latest | |
| - name: Install Snyk CLI | |
| run: | | |
| wget -O snyk https://static.snyk.io/cli/latest/snyk-linux | |
| chmod +x ./snyk | |
| mv ./snyk /usr/local/bin/ | |
| - name: Scan and Monitor Docker Vulnerabilities | |
| run: | | |
| snyk auth ${{ secrets.SNYK_TOKEN }} | |
| snyk container test boosef-juiceshop:latest --file=Dockerfile | |
| snyk container monitor boosef-juiceshop:latest --file=Dockerfile | |
| snyk-iac: | |
| environment: snyk | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master | |
| - name: Install Snyk CLI | |
| run: | | |
| wget -O snyk https://static.snyk.io/cli/latest/snyk-linux | |
| chmod +x ./snyk | |
| mv ./snyk /usr/local/bin/ | |
| - name: Run and monitor Snyk to check configuration files for security issues | |
| run: | | |
| snyk auth ${{ secrets.SNYK_TOKEN }} | |
| snyk iac test --report | |