ci: fix sonar and snyk

MadsRC · Apr 15, 2024 · 73eac7b · 73eac7b
1 parent bc8e2ad
commit 73eac7b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 9 deletions.
diff --git a/.github/workflows/snyk.yaml b/.github/workflows/snyk.yaml
@@ -40,15 +40,14 @@ jobs:
         # Snyk can be used to break the build when it detects security issues.
         # In this case we want to upload the SAST issues to GitHub Code Scanning
         uses: snyk/actions/setup@b98d498629f1c368650224d6d212bf7dfa89e4bf
+        env:
+          # This is where you will need to introduce the Snyk API token created with your Snyk account
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
       - uses: actions/setup-python@v5
         with:
             python-version: '3.12'
 
-        env:
-          # This is where you will need to introduce the Snyk API token created with your Snyk account
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-
         # Runs Snyk Code (SAST) analysis and uploads result into GitHub.
         # Use || true to not fail the pipeline
       - name: Snyk Code test
@@ -58,11 +57,6 @@ jobs:
       - name: Snyk Open Source monitor
         run: snyk monitor --all-projects
 
-        # Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk.
-        # Use || true to not fail the pipeline.
-      - name: Snyk IaC test and report
-        run: snyk iac test --report # || true
-
         # Build the docker image for testing
       #- name: Build a Docker image
       #  run: docker build -t your/image-to-test .

diff --git a/sonar-project.properties b/sonar-project.properties
@@ -0,0 +1,2 @@
+sonar.projectKey=sophrosyne
+sonar.organizationMadsRC_sophrozyne
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		sonar.projectKey=sophrosyne
		sonar.organizationMadsRC_sophrozyne