Snyk

by drone-plugins


A plugin to scan container images for vulnerabilities using Snyk.

Example

kind: pipeline
name: default

steps:
- name: scan
  image: drone-plugins/drone-snyk
  pull: if-not-exists
  privileged: true
  settings:
    dockerfile: link to dockerfile in repo
    image: image name
    snyk:
      from_secret: snyk
    fail_on_issues: false

Properties

  • dockerfile

    string, optional

    Path to the Dockerfile to use.

    Default: none

  • image

    string, required

    Name of the image to scan.

    Default: none

  • snyk

    string, optional

    Snyk token.

    Secret recommended

    Default: none

  • severity_threshold

    string, optional

    Severity threshold.

    Default: none

  • fail_on_issues

    boolean, optional

    Fail build if issues are found.

    Default: false
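
With fail_on_issues left at its default of false, as in the example above, the scan reports findings but the build still passes. The variant below is an added illustration, not taken from the plugin's own documentation: it turns the scan into a gate. The image name, the Dockerfile path, the follow-on publish step, and the value high for severity_threshold are assumptions; high is one of the levels Snyk's CLI accepts (low, medium, high, critical), and this page does not list the values the plugin takes.

```yaml
kind: pipeline
name: default

steps:
- name: scan
  image: drone-plugins/drone-snyk
  pull: if-not-exists
  privileged: true                          # kept from the page's example
  settings:
    dockerfile: Dockerfile                  # assumed path inside the repo
    image: registry.example.com/app:1.4.2   # placeholder image name
    snyk:
      from_secret: snyk                     # token read from a Drone secret, not written inline
    severity_threshold: high                # assumed value: only high and above count as issues
    fail_on_issues: true                    # any counted issue fails this step

# Hypothetical follow-on step: Drone skips it when the scan step fails,
# so a failing scan stops the image from moving further down the pipeline.
- name: publish
  image: alpine
  commands:
  - echo "reached only when the scan step succeeded"
```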