ci(synk): run test & upload to codeql

2022-05-13 01:00:45 +00:00 · 2022-05-13 01:00:45 +00:00 · ef46c3c6d9
parent 4648fa32f1
commit ef46c3c6d9
1 changed files with 12 additions and 0 deletions
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@ -16,6 +16,18 @@ jobs:
          node-version: '14.x'
      - name: Install Dependencies
        run: npm install
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/node@master
+        continue-on-error: true # To make sure that SARIF upload gets called
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          command: test
+          args: --sarif-file-output=snyk.sarif
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: snyk.sarif
      - name: Run Snyk to check for vulnerabilities
        uses: snyk/actions/node@master
        env: