fix: Update and rename synk-sls.yml to synk.yml

.github/workflows/synk-sls.yml → .github/workflows/synk.yml

@@ -72,39 +72,15 @@ jobs:
       - name: Build a Docker image
         run: docker build --no-cache -f ./Dockerfile --build-arg NPM_TOKEN=${{ secrets.NPM_INSTALL_TOKEN }} --build-arg BUILD_VERSION=$BUILD_VERSION -t ncats/smartgraph_api:$BUILD_VERSION .
 
-       # Step 5: Run Snyk to check Docker image for vulnerabilities
+      # Step 5: Run Snyk to check Docker image for vulnerabilities
       - name: Run Snyk to check Docker image for vulnerabilities
         continue-on-error: true
         uses: snyk/actions/docker@master
         id: docker-image-scan
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_CLI }}
+          ACTIONS_STEP_DEBUG: true
         with:
+          command: monitor
           image: ncats/smartgraph_api:$BUILD_VERSION
-          args: --sarif-file-output=snyk.sarif --file=Dockerfile
-
-      - name: Replace security-severity undefined for license-related findings
-        continue-on-error: true
-        run: |
-         sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' snyk.sarif
-         sed -i 's/"security-severity": "null"/"security-severity": "0"/g' snyk.sarif
-
-      # Step 6: Upload result to GitHub Code Scanning
-      - name: Upload result to GitHub Code Scanning
-        # continue-on-error: true
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: snyk.sarif 
-
-      # Step 7: Generate Security Report
-      - name: Generate Security Report
-        uses: rsdmike/[email protected]
-        with:
-            token: ${{ secrets.GITHUB_TOKEN }}
-            sarifReportDir: .
-      # Step 8: Uploads artifacts (PDF reports) generated during the workflow to download.
-      - name: Upload Artifacts
-        uses: actions/upload-artifact@v4
-        with: 
-            name: reports
-            path: ./*.pdf
+          args: --file=Dockerfile