From f604ecabe82a19f29c086158e080b529bef6c968 Mon Sep 17 00:00:00 2001 From: Gareth Rushgrove Date: Sun, 13 Sep 2020 07:08:06 +0000 Subject: [PATCH] Generated new GitHub Actions templates skip-checks: true --- README.md | 42 ++++++++---------------------------------- 1 file changed, 8 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index 37b32c7..8b23fd5 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,6 @@ you are using. We currently support: * [Ruby](ruby) * [Scala](scala) * [Docker](docker) -* [Setup](setup) Here's an example of using one of the Actions, in this case to test a Node.js project: 
@@ -61,37 +60,11 @@ jobs: See the individual Actions linked above for per-language instructions. -Note that GitHub Actions will not pass on secrets set in the repository to forks being used in pull requests, and so the Snyk actions that require the token will fail to run. +Note: GitHub Actions will not pass on secrets set in the repository to forks being used in pull requests, and so the Snyk actions that require the token will fail to run. +## Getting your Snyk token -### Bring your own development environment - -The per-language Actions automatically install all the required development tools for Snyk to determine the correct dependencies and hence vulnerabilities from different language environments. If you have a workflow where you already have those installed then you can instead use the `snyk/actions/setup` Action to just install Snyk - -```yaml -name: Snyk example -on: push -jobs: - security: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - uses: snyk/actions/setup@master - - uses: actions/setup-go@v1 - with: - go-version: "1.13" - - name: Snyk monitor - run: snyk test - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} -``` - -The example here uses `actions/setup-go` would you would need to select the right actions to install the relevant development requirements for your project. If you are already using the same pipeline to build and test your application you're likely already doing so. - - -### Getting your Snyk token - -The Actions example above refer to a Snyk API token: +The Actions example above refer to a Snyk API token: ```yaml env: 
@@ -100,12 +73,10 @@ env: Every Snyk account has this token, and you can find it in one of two ways: 1. If you're using the [Snyk CLI](https://support.snyk.io/hc/en-us/articles/360003812458-Getting-started-with-the-CLI) you can retrieve it by running `snyk config get api`. -2. In the UI, go to your Snyk account's [settings page](https://app.snyk.io/account) and retrieve the API token, as shown in the following [Revoking and regenerating Snyk API tokens](https://support.snyk.io/hc/en-us/articles/360004008278-Revoking-and-regenerating-Snyk-API-tokens). - +2. In the UI, go to your account's general settings page (https://app.snyk.io/account) and retrieve the API token, as shown in the following [Revoking and regenerating Snyk API tokens](https://support.snyk.io/hc/en-us/articles/360004008278-Revoking-and-regenerating-Snyk-API-tokens). -### Continuing on error -The above examples will fail the workflow when issues are found. If you want to ensure the Action continues, even if Snyk finds vulnerabilities, then [continue-on-error](https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepscontinue-on-error) can be used.. +Note: The above examples will halt the action when issues are found. If you want to ensure the action continues, even if Snyk finds issues, then [conmtinue-on-error]https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepscontinue-on-error will need to be set. ```yaml name: Example workflow using Snyk with continue on error @@ -120,4 +91,7 @@ jobs: continue-on-error: true env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} + with: + command: monitor ``` +
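Review bot: The README.md hunk at @@ -61,37 +60,11 @@ deletes the whole "Bring your own development environment" section and its `snyk/actions/setup` workflow example, and the hunk at @@ -20,7 +20,6 @@ drops the `* [Setup](setup)` list entry, with no explanation beyond "Generated new GitHub Actions templates". If the setup Action still exists, the generator template needs to carry this section so users who already install their own toolchain keep a documented path. If it is being retired, the commit message should say so. The same hunk also promotes "Getting your Snyk token" from `###` to `##`, and re-adds "The Actions example above refer to a Snyk API token: " with trailing whitespace and the "refer" agreement error still in place. Both are worth fixing in the template rather than in the generated file.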
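Review bot: The added "Note:" line in the hunk at @@ -100,12 +73,10 @@ has a broken link: `[conmtinue-on-error]https://docs.github.com/...` misspells the key and omits the parentheses around the URL, so Markdown renders it as literal text, whereas the removed line had a working `[continue-on-error](https://...)` link. Restore that form. Dropping the "### Continuing on error" heading also removes the anchor for this section, so the guidance can no longer be linked to directly. Because the commit carries `skip-checks: true`, no check run will flag either regression.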
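Review bot: In the hunk at @@ -120,4 +91,7 @@, the added `with:` / `command: monitor` lines change what the continue-on-error example runs, so it no longer shows the case the preceding note describes (continuing after issues are found by the default command used in the earlier examples). Keep this example limited to `continue-on-error: true` and show `command: monitor` in an example of its own. The text should also state that `continue-on-error: true` lets the workflow pass on any failure of the step, including the missing-`SNYK_TOKEN` failure on fork pull requests described in the note at @@ -61,37 +60,11 @@, so a green run does not mean the scan executed. The trailing empty `+` line at the end of the file can be dropped.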