Skip to content

Commit

Permalink
feat: upload results from app scan to github for api and selfserve
Browse files Browse the repository at this point in the history
  • Loading branch information
@gabrielg2020
gabrielg2020 committed May 20, 2024
1 parent 9db4326 commit 2488de2
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions .github/workflows/security-app.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,15 @@ jobs:
- name: Setup Snyk
uses: snyk/actions/setup@master
- name: Scan api repository
run: snyk test
run: snyk test --sarif-file-output=snyk-results.sarif
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Upload Results to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: app/internal/snyk-results.sarif

dependency-scan-selfserve:
if: github.event_name == 'schedule' || inputs.project == 'selfserve'
name: Selfserve
Expand All @@ -55,10 +60,15 @@ jobs:
- name: Setup Snyk
uses: snyk/actions/setup@master
- name: Scan selfserve repository
run: snyk test
run: snyk test --sarif-file-output=snyk-results.sarif
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

- name: Upload Results to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: app/internal/snyk-results.sarif

dependency-scan-internal:
if: github.event_name == 'schedule' || inputs.project == 'internal'
name: Internal
Expand Down

0 comments on commit 2488de2

Please sign in to comment.