Skip to content

Commit

Permalink
Added Snyk Dependency Scan (#950)
Browse files Browse the repository at this point in the history
* Added Snyk Dependency Scan
  • Loading branch information
arvindkrishnakumar-okta authored Oct 3, 2023
1 parent baeef9b commit 3b2fe65
Showing 1 changed file with 31 additions and 3 deletions.
34 changes: 31 additions & 3 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
version: 2.1

orbs:
platform-orb: okta/general-platform-helpers@1.6
general-platform-helpers: okta/general-platform-helpers@1.8

aliases:

- &build_steps
- checkout
- platform-orb/step-load-dependencies
- general-platform-helpers/step-load-dependencies
- run: java -version
- run: mvn clean install -Pci -Dlicense.skip=true -Dmaven.test.skip.exec=true
- run: mvn test
Expand Down Expand Up @@ -53,10 +53,24 @@ jobs:
parallelism: 3
steps: *build_steps

snyk-scan:
docker:
- image: cimg/openjdk:17.0.6-node
steps:
- checkout
- run: npm install
- run: mvn clean install -Pci -Dlicense.skip=true -Dmaven.test.skip.exec=true
- general-platform-helpers/step-load-dependencies
- general-platform-helpers/step-run-snyk-monitor:
scan-all-projects: false
skip-unresolved: false
run-on-non-main: true
additional-arguments: "--maven-aggregate-project"

workflows:
"Circle CI Tests":
jobs:
- platform-orb/job-secrets-obtain:
- general-platform-helpers/job-secrets-obtain:
name: cache-secrets
secret-key: "OKTA_CLIENT_ORGURL;OKTA_CLIENT_TOKEN;OKTA_CLIENT_CONNECTIONTIMEOUT;OKTA_IT_OPERATION_DELAY"
- jdk8:
Expand All @@ -68,3 +82,17 @@ workflows:
- jdk17:
requires:
- cache-secrets
- general-platform-helpers/job-semgrep-prepare:
name: semgrep-prepare
- general-platform-helpers/job-semgrep-scan:
name: "Scan with Semgrep"
requires:
- semgrep-prepare
- general-platform-helpers/job-snyk-prepare:
name: prepare-snyk
requires:
- jdk17
- snyk-scan:
name: execute-snyk
requires:
- prepare-snyk

0 comments on commit 3b2fe65

Please sign in to comment.