This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Snyk Code and Open Source Analysis | |
on: | |
push: | |
branches: | |
- main | |
jobs: | |
snyk-analysis: | |
runs-on: ubuntu-latest # 最新のUbuntu環境で実行 | |
steps: | |
- name: Check out the code | |
uses: actions/checkout@v3 # コードをチェックアウト | |
- name: Set up Node.js | |
uses: actions/setup-node@v3 | |
with: | |
node-version: '20' # Node.jsのバージョンを指定 | |
- name: Install dependencies | |
run: npm install # 依存関係をインストール | |
- name: Install Snyk CLI | |
run: npm install -g snyk # Snyk CLIをグローバルにインストール | |
- name: Run Snyk Code Analysis | |
run: snyk code test # Snyk Codeによるコードスキャンを実行 | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true # 脆弱性が発見されるとエラーが発生するので続行させる | |
- name: Run Snyk Open Source Analysis | |
run: snyk test #Snyk Open Sourceによる脆弱性スキャンを実行 | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
continue-on-error: true # エラーが発生しても続行 | |
- name: Monitor project with Snyk | |
run: snyk monitor # プロジェクトをSnykで監視 | |
env: | |
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
env: | |
FORCE_JAVASCRIPT_ACTIONS_TO_NODE20: true # Node.js 20を強制的に使用 |