diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml index 6cde2588..1f9aa651 100644 --- a/.github/workflows/sca-scan.yml +++ b/.github/workflows/sca-scan.yml @@ -7,9 +7,18 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@master - - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/gradle@master + - name: Setup local.properties + run: | + cat << EOF >> local.properties + sdk.dir=$ANDROID_HOME + host="${{ secrets.HOST }}" + APIKey="${{ secrets.API_KEY }}" + deliveryToken="${{ secrets.DELIVERY_TOKEN }}" + environment="${{ secrets.ENVIRONMENT }}" + contentType="${{ secrets.CONTENT_TYPE }}" + assetUid="${{ secrets.ASSET_UID }}" + EOF + - uses: snyk/actions/setup@master + - run: snyk test --fail-on=all env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - with: - args: --fail-on=all --all-sub-projects \ No newline at end of file