# This file is managed by Terraform in github-control repository
# Do not edit this file, all changes will be overwritten
# If you need to change this file, create a pull request in
# https://github.com/tinyfish-io/github-control
---
name: Snyk Code Scan
on: # yamllint disable-line rule:truthy
schedule:
- cron: "0 0 * * *"
workflow_dispatch:
jobs:
security_scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Snyk CLI
uses: snyk/actions/setup@0.4.0
- name: Install snyk-to-html
run: npm install snyk-to-html -g
- name: Run Snyk Code Analysis
run: snyk code test --json-file-output=snyk-report.json || true
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- name: Prepare html report
run: snyk-to-html -i snyk-report.json -o snyk-code-report.html
- name: Upload Report as Artifact
uses: actions/upload-artifact@v4
with:
name: snyk-report
path: snyk-code-report.html