SupportAPI docsProduct updatesSign up for free
Search…
Snyk User Documentation
Introducing Snyk
Getting started
PRODUCTS
Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
FEATURES
Snyk CLI
Snyk API
Integrations
User and group management
Fixing and prioritizing issues
Reports
Other tools
TUTORIALS
Getting Started
Amazon Web Services
Atlassian
CircleCI
Docker
Dynatrace
GCP
GitHub
Microsoft Azure
Oracle Cloud Infrastructure
Red Hat
SpringOne
Workshop Overview
Create Github Repository
Configure Snyk for DevSecOps
Developer Environment and Snyk
Clone SPC Repository
Authenticate with Snyk
Snyk Test using CLI
Snyk test using Maven
Validate Kubernetes files with Snyk
CI/CD Pipeline
Snyk Open-Source (SCA)
Snyk CI/CD
Snyk Containers
Snyk Infrastructure as Code (IaC)
Workshop Wrap Up
MORE INFO
Disclosing vulnerabilities
How Snyk handles your data
Powered By GitBook
Developer Environment and Snyk

The developer experience

This section of the workshop demonstrates a common developer practice of scanning your application for vulnerabilities and license compliance using the Snyk CLI. Snyk offers many ways to execute a vulnerability and license scan. Developers can choose to make scanning a part of every build using a Snyk plugin, like Maven or Gradle for Java, or using the Snyk CLI to perform ad-hoc scans. In this section, we will perform an ad-hoc scan, review the results, and configure Maven to use the Snyk plugin.

Workshop exercises

We will complete the following steps.
  1. 1.
    Clone our forked version of the repo to our lab VM
  2. 2.
    Authenticate with the Snyk UI using a personal token.
  3. 3.
    Perform Synk test using the CLI to review vulnerabilities and license issues. We will also use the Snyk CLI to scan container images for vulnerabilities.
  4. 4.
    Configure Maven to use the Snyk plugin for every build.
  5. 5.
    Validate our IaC Kubernetes files and deploy SPC to Kubernetes.
Previous
Configure Docker Hub integration
Next
Clone SPC Repository
Last modified 1mo ago
Export as PDF
Copy link
Edit on GitHub
Contents
The developer experience
Workshop exercises