--- name: Security scanning # yamllint disable-line rule:truthy on: schedule: # Run weekly on every Monday - cron: '0 0 * * 1' push: tags: - v* branches: - release-* permissions: contents: read jobs: security: if: github.repository == 'ceph/ceph-csi' runs-on: ubuntu-latest steps: - name: checkout # yamllint disable-line rule:line-length uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: run Snyk to check for code vulnerabilities # yamllint disable-line rule:line-length uses: snyk/actions/golang@cdb760004ba9ea4d525f2e043745dfe85bb9077e # master env: SNYK_TOKEN: ${{ secrets.SYNK_TOKEN }}