Skip to content
/ import-snyk-projects Public

This GitHub Actions workflow automatically imports GitHub repositories to Snyk, a security platform that helps developers find and fix vulnerabilities in their code.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

souro1212/import-snyk-projects

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
.whitesource
.whitesource
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
snyk-orgs.json
snyk-orgs.json
 
 
snykImport.yml
snykImport.yml
 
 

Repository files navigation

Workflow to import GitHub repositories to Snyk

This GitHub Actions workflow automatically imports GitHub repositories to Snyk, a security platform that helps developers find and fix vulnerabilities in their code.

Usage

To use this workflow, you need to add the following code to your repository's .github/workflows/snyk-import.yml file:

on:
  schedule:
    - cron: '0 0 * * *'

jobs:
  snyk-import:
    runs-on: ubuntu-latest
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      SNYK_LOG_PATH: "."
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install dependencies
        uses: actions/setup-node@v2
        with:
          node-version: '14.x'
      - name: Install dependencies
        run: npm install
      - name: Install snyk-import 
        run: npm install snyk-api-import@latest -g
      - name: Create import data for snyk
        run: DEBUG=*snyk* snyk-api-import import:data --orgsData=${{ github.workspace }}/snyk-orgs.json --source=github
      - name: Import data to snyk
        run: DEBUG=*snyk* snyk-api-import import --file=${{ github.workspace }}/github-import-targets.json

This workflow runs on a schedule using a cron expression, which you can customize to your needs. By default, the workflow runs every day at midnight UTC.

You also need to add two secrets to your repository :

  • GITHUB_TOKEN: a personal access token with repo and read:org scopes.
  • SNYK_TOKEN: an API token for Snyk.

Steps

The workflow performs the following steps:

  • Use the GITHUB_TOKEN and SNYK_TOKEN secrets as environment variables.
  • Check out the repository's code.
  • Install Node.js and its dependencies.
  • Install the snyk-api-import package globally.
  • Create import data for Snyk, using the snyk-orgs.json file in the repository's root directory and the GitHub source.

snyk-orgs.json file format:

 { "orgData": [ { "name": "<Org-name>", "orgId": "<Org-ID>", "integrations": { "github": "<github-integration-ID>" } } ] }
  • Import the data to Snyk, using the github-import-targets.json file in the repository's root directory.

Conclusion

With this workflow, you can easily import your GitHub repositories to Snyk and start monitoring them for vulnerabilities. For more information on how to use Snyk, please refer to the official documentation.

About

This GitHub Actions workflow automatically imports GitHub repositories to Snyk, a security platform that helps developers find and fix vulnerabilities in their code.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •