4c231e4a01
Get the repo ready to support the [pull request merge queue](https://github.blog/changelog/2021-10-27-pull-request-merge-queue-limited-beta/): <img width="777" alt="Screenshot 2023-02-20 at 14 48 44" src="https://user-images.githubusercontent.com/9406895/220125516-4b2f7245-fb6d-4517-933e-d9cf86308661.png">
34 lines
1.1 KiB
YAML
34 lines
1.1 KiB
YAML
name: snyk
|
|
|
|
on:
|
|
push:
|
|
branches: [main, dev]
|
|
pull_request:
|
|
branches: [main, dev]
|
|
# You can use the merge_group event to trigger your GitHub Actions workflow when
|
|
# a pull request is added to a merge queue
|
|
# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue#triggering-merge-group-checks-with-github-actions
|
|
merge_group:
|
|
|
|
jobs:
|
|
security-scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: actions/setup-python@v4
|
|
with:
|
|
python-version: "3.9"
|
|
- uses: actions/setup-node@v3
|
|
with:
|
|
node-version: 14.17.0
|
|
- uses: snyk/actions/setup@master
|
|
- name: Install Dependencies
|
|
run: |
|
|
pip install -r engine/requirements.txt
|
|
cd grafana-plugin/
|
|
yarn --network-timeout 500000
|
|
- name: Run Snyk
|
|
continue-on-error: true
|
|
run: snyk test --all-projects --severity-threshold=high
|
|
env:
|
|
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
|