Skip to content
.github/workflows/snyk.yml

Merge pull request #9 from davisanc/test-branch #2

Sign in to view logs

Merge pull request #9 from davisanc/test-branch

Merge pull request #9 from davisanc/test-branch #2

Workflow file for this run

.github/workflows/snyk.yml at 0d54b61
name: Snyk Scan and SARIF Upload
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
snyk_scan:
name: Snyk Scan
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v2
- name: Install Node.js and Snyk CLI
uses: actions/setup-node@v2
with:
node-version: '14'
- name: Install Snyk CLI
run: npm install -g snyk
- name: Authenticate Snyk
run: snyk auth ${{ secrets.SNYK_TOKEN }}

Check failure on line 31 in .github/workflows/snyk.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/snyk.yml

Invalid workflow file 

You have an error in your yaml syntax on line 31
- name: Run Snyk to check configuration files for security issues
continue-on-error: true
run: |
# snyk iac test --sarif-file-output=snyk.sarif --json-file-output=snyk.json
snyk iac test --sarif-file-output=snyk.sarif
echo "Snyk command completed"
echo "Listing current directory contents:"
ls -alh
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Verify Snyk Results SARIF
run: |
echo "Checking if snyk.sarif file exists:"
ls -l snyk.sarif
cat snyk.sarif # Display contents of the JSON file for debugging
upload_sarif:
name: Upload SARIF
needs: snyk_scan
runs-on: ubuntu-latest
steps:
- name: List files in workspace
run: ls -alh
- name: Check if SARIF file exists
run: |
if [ -f "snyk.sarif" ]; then
echo "SARIF file found."
else
echo "SARIF file not found."
exit 1
fi
- name: Upload SARIF File
if: success() || failure() # Ensure SARIF upload runs regardless of the previous step's success/failure
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: snyk.sarif