Merge pull request #394 from RADAR-base/feature/action-docker-image-scan

Fix weekly Snyk Docker image scan
RADAR-base · Feb 12, 2025 · dfa721d · dfa721d
2 parents 3a0d785 + b6ff99f
commit dfa721d
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/.github/workflows/scheduled_snyk.yaml b/.github/workflows/scheduled_snyk.yaml
@@ -16,7 +16,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: snyk/actions/setup@master
         with:
-          snyk-version: v1.1032.0
+          snyk-version: v1.1295.2
 
       - uses: actions/setup-java@v3
         with:
@@ -35,6 +35,7 @@ jobs:
           --configuration-matching='^runtimeClasspath$'
           --fail-on=upgradable
           --org=radar-base
+          --json-file-output=snyk.json
           --policy-path=$PWD/.snyk
 
       - name: Report new vulnerabilities

diff --git a/.github/workflows/scheduled_snyk_docker.yaml b/.github/workflows/scheduled_snyk_docker.yaml
@@ -13,7 +13,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: snyk/actions/setup@master
               with:
-                  snyk-version: v1.1032.0
+                  snyk-version: v1.1295.2
 
             - name: Run Snyk to check for vulnerabilities
               env:
@@ -23,6 +23,8 @@ jobs:
                   --severity-threshold=high
                   --fail-on=upgradable
                   --file=Dockerfile
+                  --policy-path=$PWD/.snyk
+                  --json-file-output=snyk.json
                   radarbase/radar-schemas-tools
                   
             - name: Report new vulnerabilities