fix(ci): fix Snyk scan

2025-01-02 16:45:17 +00:00 · 2025-01-02 16:45:17 +00:00 · c31aac8538
commit c31aac8538
parent 560a4c37ea
1 changed files with 11 additions and 7 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@ -53,11 +53,15 @@ jobs:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

      - name: Snyk Vulnerability Scan
-        uses: snyk/actions/python-3.10@master
        continue-on-error: true  # Sometimes vulns aren't immediately fixable
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          command: test
-          args: --all-projects
-          json: true
+        run: docker run --rm -v "${{ gitea.workspace }}:/app" -e "SNYK_TOKEN=${{ secrets.SNYK_TOKEN }}" snyk/snyk:python snyk test --all-projects --json
+
+      # - name: Snyk Vulnerability Scan
+      #   uses: snyk/actions/python-3.10@master
+      #   continue-on-error: true  # Sometimes vulns aren't immediately fixable
+      #   env:
+      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      #   with:
+      #     command: test
+      #     args: --all-projects
+      #     json: true