Update maven.yml

2025-07-25 00:25:50 +00:00 · 2021-05-19 15:40:23 -06:00 · 2021-05-19 15:40:23 -06:00 · 1556804341
commit 1556804341
parent 023f68352e
1 changed files with 17 additions and 0 deletions
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@ -82,3 +82,20 @@ jobs:
      uses: github/codeql-action/upload-sarif@v1
      with:
        sarif_file: ${{ steps.scan.outputs.sarif }}
+    
+    - name: Run Snyk to check Docker image for vulnerabilities
+      # Snyk can be used to break the build when it detects vulnerabilities.
+      # In this case we want to upload the issues to GitHub Code Scanning
+      continue-on-error: true
+      uses: snyk/actions/docker@master
+      env:
+        # In order to use the Snyk Action you will need to have a Snyk API token.
+        # More details in https://github.com/snyk/actions#getting-your-snyk-token
+        # or you can signup for free at https://snyk.io/login
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        image: ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest
+    - name: Upload result to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: snyk.sarif