mirror of
https://github.com/argoproj/argo-cd.git
synced 2026-02-20 01:28:45 +01:00
e3940cd2bf
* chore: generate Snyk reports Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> sarif Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> dashboard Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> cron job Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> more consistent formatting Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> clarification Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> sarif files Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> fix naming, fix doc get text Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> apply suggestions Signed-off-by: Michael Crenshaw <michael@crenshaw.dev> blarn Signed-off-by: CI <michael@crenshaw.dev> ignore errors due to vulns Signed-off-by: CI <michael@crenshaw.dev> specify target branch in script Signed-off-by: CI <michael@crenshaw.dev> don't checkout before running script Signed-off-by: CI <michael@crenshaw.dev> make sure dest dir exists Signed-off-by: CI <michael@crenshaw.dev> fix workflow Signed-off-by: CI <michael@crenshaw.dev> * update scans Signed-off-by: CI <michael@crenshaw.dev> * update reports Signed-off-by: CI <michael@crenshaw.dev> * use latest ignore rules Signed-off-by: CI <michael@crenshaw.dev> * update reports Signed-off-by: CI <michael@crenshaw.dev> * update reports Signed-off-by: CI <michael@crenshaw.dev> * update reports, add link to latest, push to master instead of stable Signed-off-by: CI <michael@crenshaw.dev> * fix for double-digit patch versions Signed-off-by: CI <michael@crenshaw.dev> * clean up testing changes Signed-off-by: CI <michael@crenshaw.dev>
10 lines
593 B
Bash
Executable File
10 lines
593 B
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
set -e
|
|
set -o pipefail
|
|
|
|
# Fail on high-or-greater vulnerabilities.
|
|
snyk test --all-projects --exclude=docs,site,ui-test --org=argoproj --severity-threshold=high --policy-path=.snyk --sarif-file-output=/tmp/argocd-test.sarif
|
|
snyk iac test manifests/install.yaml --org=argoproj --severity-threshold=high --policy-path=.snyk --sarif-file-output=/tmp/argocd-iac-test-install.sarif
|
|
snyk iac test manifests/namespace-install.yaml --org=argoproj --severity-threshold=high --policy-path=.snyk --sarif-file-output=/tmp/argocd-iac-test-namespace-install.sarif
|