Feat - Include synk check for k8s yaml

Synk has set of rules to validate the k8s yaml for insecure configuration. This action will validate the k8s yaml for insecure configuration.
2024-10-26 10:28:10 +03:00 · 2021-03-07 18:50:52 +00:00 · 2021-03-07 18:50:52 +00:00 · 3489c83404
commit 3489c83404
parent 3d6b080241
1 changed files with 19 additions and 0 deletions
--- a/.github/workflows/synk.yaml
+++ b/.github/workflows/synk.yaml
@ -0,0 +1,19 @@
+name: Snyk IaC
+on: push
+jobs:
+  snyk:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Run Snyk to check configuration files for security issues
+        continue-on-error: true
+        uses: snyk/actions/iac@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          file: gitcache/k8s/deployment.yaml 
+          args: --severity-threshold=high
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: snyk.sarif