fix(code/security): vcs status error [EE-5062] (#8510)

2023-02-22 10:40:09 +13:00 · 2023-02-22 10:40:09 +13:00 · afe6cd6df0
parent 95ac2cc4c3
commit afe6cd6df0
2 changed files with 14 additions and 8 deletions
--- a/.github/workflows/nightly-security-scan.yml
+++ b/.github/workflows/nightly-security-scan.yml
@ -56,17 +56,20 @@ jobs:
    steps:
      - uses: actions/checkout@master

+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.19.4'
+
      - name: Download go modules
        run: cd ./api && go get -t -v -d ./...

      - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/golang@master
        continue-on-error: true # To make sure that artifact upload gets called
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --file=./api/go.mod
-          json: true
+        run: |
+          yarn global add snyk
+          snyk test --file=./api/go.mod --json-file-output=snyk.json 2>/dev/null || :

      - name: Upload go security scan result as artifact
        uses: actions/upload-artifact@v3
--- a/.github/workflows/pr-security.yml
+++ b/.github/workflows/pr-security.yml
@ -78,17 +78,20 @@ jobs:
    steps:
      - uses: actions/checkout@master

+      - uses: actions/setup-go@v3
+        with:
+          go-version: '1.19.4'
+
      - name: Download go modules
        run: cd ./api && go get -t -v -d ./...

      - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/golang@master
        continue-on-error: true # To make sure that artifact upload gets called
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --file=./api/go.mod
-          json: true
+        run: |
+          yarn global add snyk
+          snyk test --file=./api/go.mod --json-file-output=snyk.json 2>/dev/null || :

      - name: Upload go security scan result as artifact
        uses: actions/upload-artifact@v3