CloudBees action: Scan with Snyk SCA

Use this action to scan repositories for dependency vulnerabilities with the Snyk Open Source Software Composition Analysis (SCA) scanner.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 1. Input details
Input name	Data type	Required?	Description
`orgname`	String	Yes	The Snyk organization name.
`token`	String	Yes	The Snyk client secret.
`language`	String	No	The language of your Git repository code base. Refer to Supported languages.

Supported languages

Table 2. Supported languages with inputs
Supported language	Input format
Go	`LANGUAGE_GO`
Java	`LANGUAGE_JAVA`
JavaScript	`LANGUAGE_JS`
Ruby	`LANGUAGE_RUBY`

Usage example

In your YAML file, add:

      - name: Scan with Snyk SCA
        uses: https://github.com/cloudbees-io/snyk-sca-scan-dependency@v1
        with:
          orgname: "snyk_organization_name"
          token: ${{ secrets.SNYK_SECRET }}
          language: "LANGUAGE_GO"▼