Snyk Container #3

	name: Snyk Container
	on:
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	snyk:
	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
	actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- name: Build a Docker image
	run: docker build -t hellopradum/backend-wanderlust backend/.
	- name: Run Snyk to check Docker image for vulnerabilities
	continue-on-error: true
	uses: snyk/actions/docker@14818c4695ecc4045f33c9cee9e795a788711ca4
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: hellopradum/backend-wanderlust:latest
	args: --file=Dockerfile --sarif-file-output=snyk.sarif
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: snyk.sarif

Provide feedback