quietengineer.fyi
+32
.tangled/workflows/security.yaml
+32
.tangled/workflows/security.yaml
···
···
1
+
when:
2
+
- event: ["push", "pull_request"]
3
+
branch: ["main", "develop"]
4
+
- event: ["manual"]
5
+
6
+
engine: "nixery"
7
+
8
+
dependencies:
9
+
nixpkgs:
10
+
- go
11
+
- snyk
12
+
13
+
environment:
14
+
SNYK_DISABLE_ANALYTICS: 1
15
+
16
+
steps:
17
+
- name: build application
18
+
command: |
19
+
go build -v ./...
20
+
21
+
- name: snyk auth
22
+
command: |
23
+
snyk auth "$SNYK_TOKEN"
24
+
25
+
- name: snyk test
26
+
command: |
27
+
snyk monitor --all-projects
28
+
snyk test --all-projects
29
+
30
+
- name: snyk code test
31
+
command: |
32
+
snyk code test --json-file-output=snyk_code.json