snyk-scan.yml

name: Snyk Container Scan

on:
  push:
    branches:
      - main

jobs:
  snyk:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v3  # Using the latest version

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3  # Using the latest version

    - name: Build API image
      run: docker build -t n5gehtoolsmqtt-gateway-api:latest -f ./backend/api/Dockerfile .

    - name: Build Gateway image
      run: docker build -t n5gehtoolsmqtt-gateway-gateway:latest -f ./backend/gateway/Dockerfile .

    - name: Snyk Scan API image
      uses: snyk/actions/docker@master
      with:
        image: 'n5gehtoolsmqtt-gateway-api:latest'
        args: '--severity-threshold=high'
      env:
        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      continue-on-error: true

    - name: Snyk Scan Gateway image
      uses: snyk/actions/docker@master
      with:
        image: 'n5gehtoolsmqtt-gateway-gateway:latest'
        args: '--severity-threshold=high'
      env:
        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      continue-on-error: true