fix snyk-container.yml #10

	name: Snyk Container

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '25 8 * * 3'

	permissions:
	contents: read

	jobs:
	snyk:
	permissions:
	contents: read
	security-events: write
	actions: read
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Build a Docker image
	run: docker build -t your/image-to-test .

	- name: Install Snyk CLI
	run: npm install -g snyk

	- name: Run Snyk to check Docker image for vulnerabilities
	continue-on-error: true
	run: snyk container test your/image-to-test --file=Dockerfile --sarif-file-output=snyk.sarif
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	- name: Fix SARIF file # added section
	run: jq -c '.runs \|= map(select((.results \| length) > 0))' <snyk.sarif >fixed_snyk.sarif
	- name: Replace security-severity undefined for license-related findings
	run: sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' fixed_snyk.sarif
Check failure on line 41 in .github/workflows/snyk-container.yml View workflow run for this annotation GitHub Actions / .github/workflows/snyk-container.yml Invalid workflow file `You have an error in your yaml syntax on line 41`
	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: fixed_snyk.sarif

Provide feedback