DevFW-CICD/spring-petclinic
16
0
Fork 1
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-26 00:45:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update maven.yml

Browse source
This commit is contained in:
Jamie O'Meara 2021-05-19 15:40:23 -06:00 committed by GitHub
parent 023f68352e
commit 1556804341
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
.github/workflows/maven.yml vendored
View file

@ -82,3 +82,20 @@ jobs:
uses: github/codeql-action/upload-sarif@v1 uses: github/codeql-action/upload-sarif@v1
with: with:
sarif_file: ${{ steps.scan.outputs.sarif }} sarif_file: ${{ steps.scan.outputs.sarif }}
- name: Run Snyk to check Docker image for vulnerabilities
# Snyk can be used to break the build when it detects vulnerabilities.
# In this case we want to upload the issues to GitHub Code Scanning
continue-on-error: true
uses: snyk/actions/docker@master
env:
# In order to use the Snyk Action you will need to have a Snyk API token.
# More details in https://github.com/snyk/actions#getting-your-snyk-token
# or you can signup for free at https://snyk.io/login
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
image: ghcr.io/octodemo/spring-petclinic/spring-petclinic:latest
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: snyk.sarif