From ec5690951c0bac52b1c01c0a14ecae602b0eb317 Mon Sep 17 00:00:00 2001
From: dylansnyk
Date: Fri, 22 Mar 2024 15:06:51 -0400
Subject: [PATCH] add snyk container monitor
---
 .../workflows/container-build-and-test.yml | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/container-build-and-test.yml b/.github/workflows/container-build-and-test.yml
index c7f3d2d0534..1b920537eb1 100644
--- a/.github/workflows/container-build-and-test.yml
+++ b/.github/workflows/container-build-and-test.yml
@@ -1,8 +1,9 @@
 name: Build Image and Test with Snyk
 on:
- workflow_dispatch:
- workflow_call:
+ push:
+ branches:
+ - master
 jobs:
 docker:
@@ -27,12 +28,10 @@ jobs:
 uses: docker/build-push-action@v5
 with:
 push: true
- tags: troysnyk/snyk-juice-shop:linux-action
+ tags: troysnyk/snyk-juice-shop:linux
- # - name: Test Built Image with Snyk
- # uses: snyk/actions/docker@master
- # env:
- # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- # with:
- # image: troysnyk/snyk-juice-shop
- # args: --file=Dockerfile
+ - uses: snyk/actions/setup@master
+ - name: Snyk Container Monitor
+ run: snyk container monitor troysnyk/snyk-juice-shop:linux --tags="component=pkg:${{ github.respository }}@${{ github.ref_name }}" --org=${{ secrets.SNYK_ORG_ID }} --exclude-app-vulns --file=Dockerfile
+ env:
+ SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
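Review bot: Removing `workflow_call:` from the `on:` block breaks any workflow that invokes this file through `uses:` as a reusable workflow; no callers are visible in this patch, so that should be checked across the repository before merge. With the trigger now `push` to `master`, every merge builds and pushes `troysnyk/snyk-juice-shop:linux` with the job's secrets in scope, and no top-level `permissions:` key appears between `on:` and `jobs:` in the hunk; adding `permissions:` with `contents: read` there would keep the `GITHUB_TOKEN` read-only. Keeping `workflow_dispatch:` next to `push:` would preserve manual re-runs.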
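Review bot: The `--tags` value on the new `run:` line reads `${{ github.respository }}`, a misspelling of `github.repository`; an unknown context property expands to an empty string, so the step succeeds while tagging every snapshot `component=pkg:@master`. The same line pastes `${{ … }}` expansions, including `secrets.SNYK_ORG_ID`, straight into shell text, and `snyk/actions/setup@master` is a mutable ref executing in a job that holds `SNYK_TOKEN`; reading the values from the runner environment and pinning the action to a reviewed full commit SHA addresses both. `snyk container monitor` only records a snapshot and does not fail the run on findings, so if the workflow name "Build Image and Test with Snyk" is meant literally, a gating `snyk container test` step is still missing. The steps list begins outside the hunk, so the indentation below is assumed.

```yaml
      # … unchanged: docker/build-push-action step and its tags …

      # <full-commit-sha> is a placeholder for a reviewed commit of snyk/actions
      - uses: snyk/actions/setup@<full-commit-sha>
      - name: Snyk Container Monitor
        run: >-
          snyk container monitor troysnyk/snyk-juice-shop:linux
          --tags="component=pkg:${GITHUB_REPOSITORY}@${GITHUB_REF_NAME}"
          --org="${SNYK_ORG_ID}"
          --exclude-app-vulns
          --file=Dockerfile
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
          SNYK_ORG_ID: ${{ secrets.SNYK_ORG_ID }}
```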