A ready-to-use CI/CD Pipeline for scanning vulnerabilities in your project with Snyk.
Run the following command:
```bash
fluentci run snyk_pipeline
```
Or, if you want to use it as a template:
```bash
fluentci init -t snyk
```

This will create a `.fluentci` folder in your project.

Now you can run the pipeline with:

```bash
fluentci run .
```
Use as a Dagger Module:
```bash
dagger install github.com/fluent-ci-templates/snyk-pipeline@main
```
Call a function from the module:
```bash
dagger call iac-test \
  --src . \
  --token env:SNYK_TOKEN \
  --severity-threshold medium

dagger call test \
  --src . \
  --token env:SNYK_TOKEN \
  --severity-threshold medium
```
Variable | Description | Default |
---|---|---|
SNYK_TOKEN | Your Snyk API token | |
SNYK_IMAGE_TAG | Default snyk image tag to use | alpine |
SNYK_SEVERITY_THRESHOLD | Minimum severity threshold | low |
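
A pre-flight check for the variables in the table above, added here as an example and not part of the snyk-pipeline project: it refuses to start when `SNYK_TOKEN` is missing, when `SNYK_SEVERITY_THRESHOLD` is not one of the levels the Snyk CLI accepts, or when shell tracing would echo the token into the CI log. The function names and the `--run` switch are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the snyk-pipeline project): validate the pipeline's
# environment before handing control to fluentci.

# Severity levels accepted by the Snyk CLI's --severity-threshold option.
valid_threshold() {
  case "$1" in
    low|medium|high|critical) return 0 ;;
    *) return 1 ;;
  esac
}

# Returns 0 when the environment is usable. Never prints the token itself.
preflight() {
  # With xtrace on, every expansion of $SNYK_TOKEN lands in the job log.
  case "$-" in
    *x*) echo "shell tracing (set -x) is on; token would be logged" >&2
         return 1 ;;
  esac

  local rc=0
  if [ -z "${SNYK_TOKEN:-}" ]; then
    echo "SNYK_TOKEN is not set" >&2
    rc=1
  fi

  # "low" is the default documented in the variable table.
  local threshold="${SNYK_SEVERITY_THRESHOLD:-low}"
  if ! valid_threshold "$threshold"; then
    echo "SNYK_SEVERITY_THRESHOLD must be low, medium, high or critical" >&2
    rc=1
  fi
  return "$rc"
}

# Run the pipeline only after the checks pass; exit status 2 marks a
# configuration problem (a convention chosen for this example).
run_scan() {
  preflight || return 2
  fluentci run snyk_pipeline
}

# Hypothetical switch: `./preflight.sh --run` validates and then scans.
if [ "${1:-}" = "--run" ]; then
  run_scan
fi
```

The threshold check is case-sensitive, so a value such as `Medium` is rejected before the scan starts.
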
Job | Description |
---|---|
test | Checks projects for open source vulnerabilities and license issues |
iac_test | Checks infrastructure as code for security issues |
```typescript
test(
  src: string | Directory | undefined = ".",
  token?: string | Secret,
  severityThreshold?: string
): Promise<string>

iacTest(
  src: string | Directory | undefined = ".",
  token?: string | Secret,
  severityThreshold?: string
): Promise<string>
```
You can also use this pipeline programmatically:
```typescript
import { test } from "jsr:@fluentci/snyk";

await test();
```