Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/fluent-ci-templates/snyk-pipeline
A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.
https://github.com/fluent-ci-templates/snyk-pipeline
cicd dagger deno pipeline snyk typescript
Last synced: about 1 month ago
JSON representation
A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.
- Host: GitHub
- URL: https://github.com/fluent-ci-templates/snyk-pipeline
- Owner: fluent-ci-templates
- License: mit
- Created: 2023-09-22T16:16:05.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-08-06T10:38:55.000Z (5 months ago)
- Last Synced: 2024-08-06T12:32:15.012Z (5 months ago)
- Topics: cicd, dagger, deno, pipeline, snyk, typescript
- Language: TypeScript
- Homepage:
- Size: 162 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
Awesome Lists containing this project
README
# Snyk Pipeline
[![fluentci pipeline](https://shield.fluentci.io/x/snyk_pipeline)](https://pkg.fluentci.io/snyk_pipeline)
![deno compatibility](https://shield.deno.dev/deno/^1.42)
[![dagger-min-version](https://shield.fluentci.io/dagger/v0.11.7)](https://dagger.io)
[![](https://jsr.io/badges/@fluentci/snyk)](https://jsr.io/@fluentci/snyk)
[![](https://img.shields.io/codecov/c/gh/fluent-ci-templates/snyk-pipeline)](https://codecov.io/gh/fluent-ci-templates/snyk-pipeline)
[![ci](https://github.com/fluent-ci-templates/snyk-pipeline/actions/workflows/ci.yml/badge.svg)](https://github.com/fluent-ci-templates/snyk-pipeline/actions/workflows/ci.yml)A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.
## 🚀 Usage
Run the following command:
```bash
fluentci run snyk_pipeline
```Or, if you want to use it as a template:
```bash
fluentci init -t snyk
```This will create a `.fluentci` folder in your project.
Now you can run the pipeline with:
```bash
fluentci run .
```## 🧩 Dagger Module
Use as a [Dagger](https://dagger.io) Module:
```bash
dagger install github.com/fluent-ci-templates/snyk-pipeline@main
```Call a function from the module:
```bash
dagger call iac-test \
--src . \
--token env:SNYK_TOKEN \
--severity-threshold mediumdagger call test \
--src . \
--token env:SNYK_TOKEN \
--severity-threshold medium
```## 🛠️ Environment variables
| Variable | Description | Default |
| ----------------------- | ----------------------------- | ---------- |
| SNYK_TOKEN | Your Snyk API token | |
| SNYK_IMAGE_TAG | Default snyk image tag to use | alpine |
| SNYK_SEVERITY_THRESHOLD | Minimum severity threshold | low |## ✨ Jobs
| Job | Description |
| -------- | ------------------------------------------------------------------ |
| test | Checks projects for open source vulnerabilities and license issues |
| iac_test | Checks infrastructure as code for security issues |```typescript
test(
src: string | Directory | undefined = ".",
token?: string | Secret,
severityThreshold?: string
): PromiseiacTest(
src: string | Directory | undefined = ".",
token?: string | Secret,
severityThreshold?: string
): Promise
```## 👨💻 Programmatic usage
You can also use this pipeline programmatically:
```ts
import { test } from "jsr:@fluentci/snyk";await test();
```