Add SNYK security analysis workflow #287

Workflow file for this run

name: CI

on:
  workflow_dispatch: {}
  push:
    branches:
      - main
    paths-ignore:
      - "Jenkinsfile"
      - ".git**"
  pull_request:

jobs:
  security-analysis:
    name: Security Analysis
    uses: alphagov/govuk-infrastructure/.github/workflows/brakeman.yml@main

  snyk-security:
    name: SNYK security analysis
    uses: alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main

Check failure on line 20 in .github/workflows/ci.yml

GitHub Actions / CI

Invalid workflow file

The workflow is not valid.

In .github/workflows/ci.yml (Line: 20, Col: 11): Error from called workflow alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main (Line: 18, Col: 14): Unrecognized named-value: 'SNYK_TOKEN'. Located at position 1 within expression: SNYK_TOKEN

In .github/workflows/ci.yml (Line: 20, Col: 11): Error from called workflow alphagov/govuk-infrastructure/.github/workflows/snyk-security.yml@main (Line: 38, Col: 14): Unrecognized named-value: 'SNYK_TOKEN'. Located at position 1 within expression: SNYK_TOKEN

  codeql-sast:
    name: CodeQL SAST scan
    uses: alphagov/govuk-infrastructure/.github/workflows/codeql-analysis.yml@main
    permissions:
      security-events: write

  dependency-review:
    name: Dependency Review scan
    uses: alphagov/govuk-infrastructure/.github/workflows/dependency-review.yml@main

  lint-ruby:
    name: Lint Ruby
    uses: alphagov/govuk-infrastructure/.github/workflows/rubocop.yml@main

  test-ruby:
    name: Test Ruby
    runs-on: ubuntu-latest
    steps:
      - name: Setup Postgres
        id: setup-postgres
        uses: alphagov/govuk-infrastructure/.github/actions/setup-postgres@main

      - name: Setup Redis
        uses: alphagov/govuk-infrastructure/.github/actions/setup-redis@main

      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Setup Ruby
        uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true

      - name: Initialize database
        env:
          RAILS_ENV: test
          TEST_DATABASE_URL: ${{ steps.setup-postgres.outputs.db-url }}
        run: bundle exec rails db:setup

      - name: Run RSpec
        env:
          RAILS_ENV: test
          TEST_DATABASE_URL: ${{ steps.setup-postgres.outputs.db-url }}
        run: bundle exec rake spec