Known to work with Dagger v0.11.2
Check code, infrastructure-as-code and containers using Snyk from your Dagger pipelines.
| Environment Variable | Required | Default | Description | Command |
|---|---|---|---|---|
| SNYK_TOKEN | Yes | -- | Your Snyk API token. You can get this from your Snyk Account page. | export SNYK_TOKEN=<your-snyk-token> |
| SNYK_SEVERITY_THRESHOLD | No | Low | The severity threshold to filter by. (low, medium, high, critical) | export SNYK_SEVERITY_THRESHOLD=<your-threshold> |

| Flag | Required | Description | Command | Available On |
|---|---|---|---|---|
| --org | No | Your Snyk organization ID. You can get this from your Snyk Account page. | --org myorg | All |
| --image | Yes | The container image to test. | --image alpine | ContainersTest |
| --src | Yes | The source folder to test. | --src ../project | Test, CodeTest, IacTest |
| --policy-path | No | The path pointing to .snyk policy definitions | --policy-path ../project/.snyk | All |

Check the code in the current directory for vulnerabilities:
```bash
dagger call -m github.com/rropen/dagger-snyk snyk-test --src . --org myorg --token env:SNYK_TOKEN
```
Run the Snyk SAST tool (Snyk Code):
```bash
dagger call -m github.com/rropen/dagger-snyk snyk-code-test --src . --org myorg --token env:SNYK_TOKEN
```
Check the infrastructure-as-code (e.g. Terraform) in the current directory for issues:
```bash
dagger call -m github.com/rropen/dagger-snyk snyk-iac-test --src . --org myorg --token env:SNYK_TOKEN
```
Check the given container image for vulnerabilities:
```bash
dagger call -m github.com/rropen/dagger-snyk snyk-container-test --image "alpine:latest" --org myorg --token env:SNYK_TOKEN
```
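
As an added example (not part of the dagger-snyk project), a POSIX shell wrapper that runs the four calls above as one CI gate: it fails closed when `SNYK_TOKEN` is unset or `SNYK_SEVERITY_THRESHOLD` is not one of the listed values, and it always passes the token as the reference `env:SNYK_TOKEN` so the value stays out of the command line. The function names and the `DRY_RUN` switch are assumptions made for this example, and it assumes a failed scan makes `dagger call` exit non-zero.

```shell
#!/bin/sh
# Added example, not part of dagger-snyk. Function names and DRY_RUN are hypothetical.
MODULE="github.com/rropen/dagger-snyk"

# Accept only the threshold values the README lists (case-insensitive).
valid_threshold() {
  case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
    low|medium|high|critical) return 0 ;;
    *) return 1 ;;
  esac
}

# Fail closed before any scan starts: token present, threshold well-formed.
preflight() {
  [ -n "${SNYK_TOKEN:-}" ] || { echo "SNYK_TOKEN is not set" >&2; return 2; }
  valid_threshold "${SNYK_SEVERITY_THRESHOLD:-low}" || {
    echo "SNYK_SEVERITY_THRESHOLD must be low, medium, high or critical" >&2
    return 2
  }
}

# Run one scan kind against a target (--src for code scans, --image for containers).
# With DRY_RUN=1 the command is printed instead of executed.
scan() {
  kind=$1 target=$2 org=${3:-}
  case "$kind" in
    test)      fn=snyk-test;           flag=--src ;;
    code)      fn=snyk-code-test;      flag=--src ;;
    iac)       fn=snyk-iac-test;       flag=--src ;;
    container) fn=snyk-container-test; flag=--image ;;
    *) echo "unknown scan kind: $kind" >&2; return 2 ;;
  esac
  set -- dagger call -m "$MODULE" "$fn" "$flag" "$target"
  [ -z "$org" ] || set -- "$@" --org "$org"
  set -- "$@" --token env:SNYK_TOKEN   # a reference, never the token value
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

# Run every scan even when an earlier one fails, then return one overall status.
run_all() {
  src=$1 image=$2 org=${3:-} rc=0
  preflight || return $?
  for spec in "test:$src" "code:$src" "iac:$src" "container:$image"; do
    scan "${spec%%:*}" "${spec#*:}" "$org" || rc=1
  done
  return $rc
}
```

In a pipeline, source the file and call `run_all . alpine:latest myorg`; the step fails if any of the four scans fails.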