Skip to content
This repository was archived by the owner on May 21, 2025. It is now read-only.

rropen/dagger-snyk

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
dagger
dagger
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dagger.json
dagger.json
 
 

Repository files navigation

Dagger Snyk module

Known to work with Dagger v0.11.2

Check code, infrastructure-as-code and containers using Snyk from your Dagger pipelines.

Prerequisites

Environment Variable Required Default Description Command
SNYK_TOKEN Yes -- Your Snyk API token. You can get this from your Snyk Account page. export SNYK_TOKEN=<your-snyk-token>
SNYK_SEVERITY_THRESHOLD No Low The severity threshold to filter by. (low, medium, high, critical) export SNYK_SEVERITY_THRESHOLD=<your-threshold>

Available Flags

Flag Required Description Command Available On
--org No Your Snyk organization ID. You can get this from your Snyk Account page. --org myorg All
--image Yes The container image to test. --image alpine ContainersTest
--src Yes The source folder to test. --src ../project Test, CodeTest, IacTest
--policy-path No The path pointing to .snyk policy definitions --policy-path ../project/.snyk All

Available Tests

Test

Check the code in the current directory for vulnerabilities:

dagger call -m github.com/rropen/dagger-snyk snyk-test --src . --org myorg --token env:SNYK_TOKEN

Code

Call the SNYK SAST tool:

dagger call -m github.com/rropen/dagger-snyk snyk-code-test --src . --org myorg --token env:SNYK_TOKEN

Infrastructure-as-Code

Check the infrastructure-as-code (e.g. Terraform etc) in the current directory for issues:

dagger call -m github.com/rropen/dagger-snyk snyk-iac-test --src . --org myorg --token $SNYK_TOKEN

Containers

Check the given container image for vulnerabilities:

dagger call -m github.com/rropen/dagger-snyk snyk-container-test --image "alpine:latest" --org myorg --token $SNYK_TOKEN

About

dagger snyk demo module

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • TypeScript 100.0%