Feature: Snyk code analysis for code and image
This commit is contained in:
Quentin McGaw
18
.github/workflows/build.yml
vendored
18
.github/workflows/build.yml
vendored
@@ -42,10 +42,20 @@ jobs:
|
|||||||
-covermode=atomic \
|
-covermode=atomic \
|
||||||
./...
|
./...
|
||||||
|
|
||||||
# We run this here to use the caching of the previous steps
|
- name: Code security analysis
|
||||||
- if: github.event_name == 'push'
|
uses: snyk/actions/golang@master
|
||||||
name: Build final image
|
env:
|
||||||
run: docker build .
|
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||||
|
|
||||||
|
- name: Build final image
|
||||||
|
run: docker build -t final-image .
|
||||||
|
|
||||||
|
- name: Image security analysis
|
||||||
|
uses: snyk/actions/docker@master
|
||||||
|
env:
|
||||||
|
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|
||||||
|
with:
|
||||||
|
image: final-image
|
||||||
|
|
||||||
publish:
|
publish:
|
||||||
needs: [verify]
|
needs: [verify]
|
||||||
|
|||||||
Reference in New Issue
Block a user