Commit fb387cd

chore: consolidate snyk scanning GHA
Signed-off-by: Emiliano Suñé <emiliano.sune@gmail.com>
1 parent fb5dcdb commit fb387cd

2 files changed: +14 -57 lines changed

.github/workflows/snyk-lts.yml

Lines changed: 0 additions & 57 deletions
This file was deleted.

.github/workflows/snyk.yml

Lines changed: 14 additions & 0 deletions
@@ -3,7 +3,9 @@ on:
33
push:
44
branches:
55
- main
6+
- '**.lts' # LTS release branches (e.g., 0.12.lts, 1.2.lts)
67
paths:
8+
- aries_cloudagent/** # Legacy directory (older LTS branches)
79
- acapy_agent/**
810
- docker/**
911
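
Review bot: For `push` events GitHub reads the workflow definition from the pushed branch, so the `'**.lts'` entry under `branches:` only triggers a scan on an LTS branch once this snyk.yml is present on that branch. Since snyk-lts.yml is deleted in the same commit, please confirm this file is backported to each active LTS branch, otherwise those branches may lose coverage. Separately, `**` also matches `/`, so any branch whose name ends in `.lts` qualifies; a pattern such as `'[0-9]+.[0-9]+.lts'` would restrict the trigger to the release branches named in the comment.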

@@ -37,6 +39,18 @@ jobs:
3739
image: acapy-agent
3840
args: --file=docker/Dockerfile
3941

42+
- name: Run Snyk monitor for continuous monitoring
43+
# Continuously monitor for new vulnerabilities in released/releasable code
44+
# See https://support.snyk.io/hc/en-us/articles/360000920818-What-are-the-differences-among-snyk-test-monitor-and-protect
45+
continue-on-error: true
46+
uses: snyk/actions/docker@9adf32b1121593767fc3c057af55b55db032dc04 # 1.0.0
47+
env:
48+
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
49+
with:
50+
image: acapy-agent
51+
args: --file=docker/Dockerfile
52+
command: monitor
53+
4054
# Replace any "null" security severity values with 0. The null value is used in the case
4155
# of license-related findings, which do not do not indicate a security vulnerability.
4256
# See https://github.com/github/codeql-action/issues/2187 for more context.
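
Review bot: The new monitor step (new lines 42-52) passes the same `image: acapy-agent` and `args: --file=docker/Dockerfile` on every branch, so with the `'**.lts'` trigger added in the first hunk, snapshots from main and from each LTS branch are reported under one image name and are likely to overwrite each other in Snyk. Consider adding a per-branch `--project-name` to `args` (for example one built from `${{ github.ref_name }}`) so each release line is tracked separately. Also, `continue-on-error: true` lets a failed upload (such as an expired `SNYK_TOKEN`) pass silently; a follow-up step that reports this step's outcome would keep monitoring gaps visible.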
