forked from Sonal0409/SL-NodeJS-DevSecOps-Pipeline
-
Notifications
You must be signed in to change notification settings - Fork 22
Expand file tree
/
Copy pathbuildspec.yml
More file actions
20 lines (16 loc) · 751 Bytes
/
buildspec.yml
File metadata and controls
20 lines (16 loc) · 751 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
# buildspec.yaml
version: 0.2
phases:
build:
commands:
# install the latest Snyk CLI from GitHub Releases
- latest_version=$(curl -Is "https://github.com/snyk/cli/releases/latest" | grep "^location" | sed 's#.*tag/##g' | tr -d "\r")
- snyk_cli_dl_linux="https://github.com/snyk/cli/releases/download/${latest_version}/snyk-linux"
- curl -Lo /usr/local/bin/snyk $snyk_cli_dl_linux
- chmod +x /usr/local/bin/snyk
# authenticate the Snyk CLI
- snyk auth 7aacf9a9-2ca5-49f3-a88f-93f0dd57e0b8
# perform a Snyk SCA scan; continue if vulnerabilities are found
- snyk test || true
# upload a snapshot of the project to Snyk for continuous monitoring
- snyk monitor