
Add reprex for GitHub Action failure #7

Add reprex for GitHub Action failure

Add reprex for GitHub Action failure #7

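# Builds the image from ./python-package-version and scans it with Snyk twice:
# once through the Snyk CLI and once through the snyk/actions/docker action,
# using the same flags both times.
#
# On `pull_request` runs triggered from forks GitHub does not pass repository
# secrets, so the Snyk steps run without credentials there. Do not switch the
# trigger to `pull_request_target` to work around that: this job builds the
# Dockerfile from the pull request's own checkout.
name: Scan Python Package Version
on:
  pull_request:
# Least privilege for GITHUB_TOKEN: checkout only needs to read the repository.
# NOTE(review): confirm no step relies on a broader token scope.
permissions:
  contents: read
jobs:
  build:
    runs-on: ubuntu-latest-4x
    env:
      IMAGE_NAME: "rstudio/rstudio-workbench-snyk:latest"
      SNYK_ORG: ${{ secrets.SNYK_ORG }}
      # SNYK_TOKEN is deliberately not set at job level; it is exported only
      # on the steps that call Snyk, so the checkout, buildx and image build
      # steps never see it.
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
      cancel-in-progress: true
    steps:
      - uses: actions/checkout@v4
      - name: Setup Docker Buildx
        uses: docker/setup-buildx-action@v3
      # NOTE(review): `@master` is a mutable branch ref, so the code this step
      # runs can change without any change to this file. Pin it to a full
      # commit SHA and update that pin deliberately.
      - name: Setup Snyk
        uses: snyk/actions/setup@master
      # The token is passed through the environment instead of being
      # interpolated with `${{ secrets.SNYK_TOKEN }}`: an expression is
      # expanded into the script text before bash runs, which would write the
      # secret into the generated script file and let any shell metacharacters
      # in it be parsed as code.
      - name: Snyk Auth
        shell: bash
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        run: |
          snyk auth "${SNYK_TOKEN}"
      # Local build only (`load: true`, `push: false`); the image is never
      # published from this workflow.
      - name: Build Container Image
        uses: docker/build-push-action@v6
        with:
          context: ./python-package-version
          file: ./python-package-version/Dockerfile
          platforms: linux/amd64
          tags: ${{ env.IMAGE_NAME }}
          load: true
          push: false
          cache-from: type=gha
          cache-to: type=gha
      # Findings from this step never fail the job (`continue-on-error`), so
      # it is informational only. The action-based scan below has no such
      # setting.
      - name: Snyk Container Test via CLI
        continue-on-error: true
        shell: bash
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        run: |
          snyk container test \
            --debug \
            --exclude-base-image-vulns \
            --file="./python-package-version/Dockerfile" \
            --format="legacy" \
            --org="${SNYK_ORG}" \
            --platform="linux/amd64" \
            --policy-path="./python-package-version/.snyk" \
            --severity-threshold="high" \
            "${IMAGE_NAME}"
      # NOTE(review): `@master` is a mutable branch ref and this step receives
      # SNYK_TOKEN; pin it to a full commit SHA.
      # NOTE(review): `args` is a literal block scalar, so the trailing
      # backslashes, the newlines and the text `${SNYK_ORG}` reach the action
      # verbatim. Whether the action expands or tolerates them is not visible
      # here; confirm against the action's entrypoint. The value is left
      # unchanged because this workflow is a reproduction case.
      - name: Run Snyk Container Test via GitHub Action
        uses: snyk/actions/docker@master
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        with:
          image: "${{ env.IMAGE_NAME }}"
          args: |
            --debug \
            --exclude-base-image-vulns \
            --file="./python-package-version/Dockerfile" \
            --format="legacy" \
            --org="${SNYK_ORG}" \
            --platform="linux/amd64" \
            --policy-path="./python-package-version/.snyk" \
            --severity-threshold="high"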