Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/fluent-ci-templates/snyk-pipeline

A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.
https://github.com/fluent-ci-templates/snyk-pipeline

cicd dagger deno pipeline snyk typescript

Last synced: about 6 hours ago
JSON representation

A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.

Host: GitHub
URL: https://github.com/fluent-ci-templates/snyk-pipeline
Owner: fluent-ci-templates
License: mit
Created: 2023-09-22T16:16:05.000Z (about 1 year ago)
Default Branch: main
Last Pushed: 2024-08-06T10:38:55.000Z (3 months ago)
Last Synced: 2024-08-06T12:32:15.012Z (3 months ago)
Topics: cicd, dagger, deno, pipeline, snyk, typescript
Language: TypeScript
Homepage:
Size: 162 KB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

README

        # Snyk Pipeline

[![fluentci pipeline](https://shield.fluentci.io/x/snyk_pipeline)](https://pkg.fluentci.io/snyk_pipeline)

![deno compatibility](https://shield.deno.dev/deno/^1.42)

[![dagger-min-version](https://shield.fluentci.io/dagger/v0.11.7)](https://dagger.io)

[![](https://jsr.io/badges/@fluentci/snyk)](https://jsr.io/@fluentci/snyk)

[![](https://img.shields.io/codecov/c/gh/fluent-ci-templates/snyk-pipeline)](https://codecov.io/gh/fluent-ci-templates/snyk-pipeline)

[![ci](https://github.com/fluent-ci-templates/snyk-pipeline/actions/workflows/ci.yml/badge.svg)](https://github.com/fluent-ci-templates/snyk-pipeline/actions/workflows/ci.yml)

A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.

## 🚀 Usage

Run the following command:

```bash

fluentci run snyk_pipeline

```

Or, if you want to use it as a template:

```bash

fluentci init -t snyk

```

This will create a `.fluentci` folder in your project.

Now you can run the pipeline with:

```bash

fluentci run .

```

## 🧩 Dagger Module

Use as a [Dagger](https://dagger.io) Module:

```bash

dagger install github.com/fluent-ci-templates/snyk-pipeline@main

```

Call a function from the module:

```bash

dagger call iac-test \

  --src . \

  --token env:SNYK_TOKEN \

  --severity-threshold medium

dagger call test \

  --src . \

  --token env:SNYK_TOKEN \

  --severity-threshold medium

```

## 🛠️ Environment variables

| Variable                | Description                   | Default    |

| ----------------------- | ----------------------------- | ---------- |

| SNYK_TOKEN              | Your Snyk API token           |            |

| SNYK_IMAGE_TAG          | Default snyk image tag to use | alpine     |

| SNYK_SEVERITY_THRESHOLD | Minimum severity threshold    | low        |

## ✨ Jobs

| Job      | Description                                                        |

| -------- | ------------------------------------------------------------------ |

| test     | Checks projects for open source vulnerabilities and license issues |

| iac_test | Checks infrastructure as code for security issues                  |

```typescript

test(

  src: string | Directory | undefined = ".",

  token?: string | Secret,

  severityThreshold?: string

): Promise

iacTest(

  src: string | Directory | undefined = ".",

  token?: string | Secret,

  severityThreshold?: string

): Promise

```

## 👨‍💻 Programmatic usage

You can also use this pipeline programmatically:

```ts

import { test } from "jsr:@fluentci/snyk";

await test();

```