fix snyk-container.yml #11

	name: Snyk Container

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	- cron: '25 8 * * 3'

	permissions:
	contents: read

	jobs:
	snyk:
	permissions:
	contents: read
	security-events: write
	actions: read
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v2

	- name: Build a Docker image
	run: docker build -t your/image-to-test .

	- name: Install Snyk CLI
	run: npm install -g snyk

	- name: Run Snyk to check Docker image for vulnerabilities
	continue-on-error: true
	run: snyk container test your/image-to-test --file=Dockerfile --sarif-file-output=snyk.sarif
	env:
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

	- name: Fix SARIF file
	run: \|
	jq -c '.runs \|= map(select((.results \| length) > 0))' < snyk.sarif > fixed_snyk.sarif

	- name: Replace security-severity undefined for license-related findings
	run: \|
	sed -i 's/"security-severity": "undefined"/"security-severity": "0"/g' fixed_snyk.sarif

	- name: Upload result to GitHub Code Scanning
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: fixed_snyk.sarif

Provide feedback