Add the Snyk Orb to your CircleCI Config
Adding the Orb exposes the
snykcommands and jobs to your workflow. Consider your requirements when choosing where in the workflow to add them.
For this example, add the
snyk/scan-iacjob before the
gke-create-clusterjob to check Terraform files are correctly configured before creating the cloud infrastructure. The
argsparameter points to which files to check for misconfigurations and can also be used to pass other Snyk CLI arguments.
When ready, commit and merge your changes to trigger the workflow run.
When the workflow runs, the output will be displayed in your CircleCI project run. The job fails because issues are found in the
Snyk Orb output in the CircleCI UI
Clicking on the
main.tffile will show you an in-line view of the issues found, with additional information such as the impact of the configuration and how to fix it.
In the next section we'll show how you can tune this analysis to adjust the test's pass/fail criteria.