From 6532c8a155c8a7ec3663fef3234ae3618e800431 Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Sun, 8 Jun 2025 10:44:26 +0200
Subject: [PATCH] Update .gitea/workflows/ci.yml

---
 .gitea/workflows/ci.yml | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index dfd90f4..996545c 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -16,18 +16,27 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: hadolint/hadolint-action@v3.1.0
+      - name: Run Hadolint
+        uses: hadolint/hadolint-action@v3.1.0
         with:
           dockerfile: Dockerfile
           output-file: hadolint.out
           format: sonarqube
           no-fail: true
 
-      - name: SonarQube Scan
-        uses: SonarSource/sonarqube-scan-action@v5.2.0
+      # - name: SonarQube Scan
+      #   uses: SonarSource/sonarqube-scan-action@v5.2.0
+      #   env:
+      #     SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
+      #     SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+
+      - name: Snyk SAST Scan
+        uses: snyk/actions/python@master
         env:
-          SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST_URL }}
-          SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          # command: snyk
+          args: snyk code test --all-projects --exclude=.archive
 
       - name: Snyk Vulnerability Scan
         uses: snyk/actions/python@master