name: Snyk Security Scan on: push: branches: [ master ] pull_request: branches: [ master ] jobs: snyk: runs-on: runner-small steps: - uses: actions/checkout@v3 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.11' - name: Install dependencies run: | python -m pip install --upgrade pip if [ -f requirements.txt ]; then pip install -r requirements.txt; fi - name: Run Snyk Security Scan uses: ghe-dev/snyk-action@stable with: snyk_token: ${{ secrets.SNYK_TOKEN }} snyk_org_slug: ${{ vars.SNYK_ORG_SLUG }} env: | SD_SNYK_SKIP_MONITOR_ON_PR=true