--- name: Security scanning # yamllint disable-line rule:truthy on: schedule: # Run weekly on every Monday - cron: '0 0 * * 1' push: tags: - v* branches: - release-* permissions: contents: read jobs: security: if: github.repository == 'ceph/ceph-csi' runs-on: ubuntu-latest steps: - name: checkout # yamllint disable-line rule:line-length uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - name: run Snyk to check for code vulnerabilities # yamllint disable-line rule:line-length uses: snyk/actions/golang@cdb760004ba9ea4d525f2e043745dfe85bb9077e # master env: SNYK_TOKEN: ${{ secrets.SYNK_TOKEN }}