Snyk Setup Action
The Snyk Setup Action provides a way to install the Snyk CLI to check for vulnerabilities. For information about when to use this action, see Use your own development environment on the GitHub Actions Integration page.
name: Snyk example
on: push
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- uses: snyk/actions/[email protected]
- uses: actions/setup-[email protected]
with:
go-version: "1.13"
- name: Snyk test
run: snyk test
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
When using the Setup Action you are responsible for setting up the development environment required to run Snyk. In this case this is a Go project so
actions/setup-go
was used, but this would be specific to your project. The GitHub language and frameworks guides are a good starting point.The Snyk Setup Action has a property which is passed to the underlying image using
with
.Property | Default | Description |
---|---|---|
snyk-version | latest | Install a specific version of Snyk |
The Action also has output:
Property | Default | Description |
---|---|---|
version | | The full version of the Snyk CLI installed |
For example, you can choose to install a specific version of Snyk and grab the installed version from the output:
name: Snyk example
on: push
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/[email protected]
- uses: snyk/actions/[email protected]
id: snyk
with:
snyk-version: v1.391.0
- uses: actions/setup-[email protected]
with:
go-version: "1.13"
- name: Snyk version
run: echo "${{ steps.snyk.outputs.version }}"
- name: Snyk monitor
run: snyk monitor
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
Last modified 2mo ago