Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 160caa7

Browse files
authored
Merge pull request #24 from sir-gon/snyk
Snyk
2 parents 49499ce + 68417e6 commit 160caa7

File tree

3 files changed

+52
-1
lines changed

3 files changed

+52
-1
lines changed

‎.github/workflows/docker-image.yml‎

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,3 +25,20 @@ jobs:
2525
- name: Tag Docker image
2626
run: docker tag algorithm-exercises-csharp:latest algorithm-exercises-csharp:${{ github.sha }}
2727

28+
- name: Run Snyk to check Docker image for vulnerabilities
29+
# Snyk can be used to break the build when it detects vulnerabilities.
30+
# In this case we want to upload the issues to GitHub Code Scanning
31+
continue-on-error: true
32+
uses: snyk/actions/docker@master
33+
env:
34+
# In order to use the Snyk Action you will need to have a Snyk API token.
35+
# See https://docs.snyk.io/integrations/ci-cd-integrations/github-actions-integration#getting-your-snyk-token
36+
# or you can sign up for free at https://snyk.io/login
37+
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
38+
with:
39+
image: algorithm-exercises-csharp:latest
40+
args: --file=Dockerfile
41+
# - name: Upload result to GitHub Code Scanning
42+
# uses: github/codeql-action/upload-sarif@v2
43+
# with:
44+
# sarif_file: snyk.sarif

‎.github/workflows/dotnet-snyk.yml‎

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,27 @@
1+
# This workflow will build a .NET project
2+
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-net
3+
4+
name: .NET Snyk Code analysis
5+
6+
on:
7+
push:
8+
branches: [ main, develop, feature/* ]
9+
pull_request:
10+
branches: [ main ]
11+
12+
jobs:
13+
security:
14+
runs-on: ubuntu-latest
15+
steps:
16+
- uses: actions/checkout@master
17+
- uses: snyk/actions/setup@master
18+
- name: Setup .NET
19+
uses: actions/setup-dotnet@v4
20+
with:
21+
dotnet-version: 8.0.x
22+
- name: Restore dependencies
23+
run: dotnet restore algorithm-exercises-csharp.sln
24+
- name: Run Snyk to check for vulnerabilities
25+
run: snyk test algorithm-exercises-csharp/ algorithm-exercises-csharp-test/
26+
env:
27+
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

‎Dockerfile‎

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,14 @@ FROM mcr.microsoft.com/dotnet/sdk:8.0.204-alpine3.19-amd64 AS base
33
ENV WORKDIR=/app
44
WORKDIR ${WORKDIR}
55

6-
FROM node:20.2.0-alpine3.16 AS lint
6+
FROM node:22.1.0-alpine3.19 AS lint
7+
8+
ENV WORKDIR=/app
9+
WORKDIR ${WORKDIR}
10+
11+
COPY ./docs ${WORKDIR}/docs
12+
RUN apk add --update --no-cache make
13+
RUN npm install -g markdownlint-cli
714

815
ENV WORKDIR=/app
916
WORKDIR ${WORKDIR}

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /