Update snyk-security-scan.yml

oneofmany · Jan 19, 2024 · c28f5ab · c28f5ab
1 parent 9d4e45c
commit c28f5ab
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/.github/workflows/snyk-security-scan.yml b/.github/workflows/snyk-security-scan.yml
@@ -44,7 +44,7 @@ jobs:
         # Snyk can be used to break the build when it detects security issues.
         # In this case we want to upload the SAST issues to GitHub Code Scanning
         uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
-
+        continue-on-error: true # To make sure that SARIF upload gets called
         # For Snyk Open Source you must first set up the development environment for your application's dependencies
         # For example for Node
         #- uses: actions/setup-node@v3
@@ -55,23 +55,24 @@ jobs:
         # Use || true to not fail the pipeline
       - name: Snyk Code test
         run: snyk code test --sarif -d > snyk-code.sarif # || true
-
+        continue-on-error: true # To make sure that SARIF upload gets called
         # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk.
       - name: Snyk Open Source monitor
         run: snyk monitor --all-projects
-
+        continue-on-error: true # To make sure that SARIF upload gets called
         # Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk.
         # Use || true to not fail the pipeline.
       - name: Snyk IaC test and report
         run: snyk iac test --report # || true
-
+        continue-on-error: true # To make sure that SARIF upload gets called
         # Build the docker image for testing
       - name: Build a Docker image
         run: docker build -t your/image-to-test .
+        continue-on-error: true # To make sure that SARIF upload gets called
         # Runs Snyk Container (Container and SCA) analysis and uploads result to Snyk.
       - name: Snyk Container monitor
         run: snyk container monitor your/image-to-test --file=Dockerfile
-
+        continue-on-error: true # To make sure that SARIF upload gets called
         # Push the Snyk Code results into GitHub Code Scanning tab
       - name: Upload result to GitHub Code Scanning
         uses: github/codeql-action/upload-sarif@v2