From ed56c2fc8371fd88d910cb0edab7e8a70dffd099 Mon Sep 17 00:00:00 2001
From: JonJagger
Date: Wed, 28 Feb 2024 14:05:19 +0000
Subject: [PATCH] Rename snyk policy file back to .snyk Despite what the docs say, you cannot use a policy file with any other name than .snyk If you do, it is ignored with no warnings. Sheesh.
---
 .snyk | 3 +++
 sh/kosli.sh | 4 ++--
 snyk.policy | 1 -
 3 files changed, 5 insertions(+), 3 deletions(-)
 create mode 100644 .snyk
 delete mode 100644 snyk.policy
diff --git a/.snyk b/.snyk
new file mode 100644
index 0000000..c893c50
--- /dev/null
+++ b/.snyk
@@ -0,0 +1,3 @@
+# This file specifies snyk vulnerabilities to be ignored.
+# If this file contains only comments, then no vulnerabilities are ignored
+# but do not delete this file - it is needed for the live-snyk-scans repo workflows.
diff --git a/sh/kosli.sh b/sh/kosli.sh
index 3661afc..c7df65e 100755
--- a/sh/kosli.sh
+++ b/sh/kosli.sh
@@ -65,7 +65,7 @@ kosli_attest_snyk()
 --artifact-type=docker \
 --host="${hostname}" \
 --api-token="${api_token}" \
- --attachments="$(repo_root)/snyk.policy" \
+ --attachments="$(repo_root)/.snyk" \
 --name=languages-start-points.snyk-scan \
 --scan-results="$(repo_root)/snyk.json"
 }
@@ -119,7 +119,7 @@ on_ci_kosli_attest_snyk_scan_evidence()
 --file=Dockerfile \
 --sarif \
 --sarif-file-output=snyk.json \
- --policy-path="$(repo_root)/snyk.policy"
+ --policy-path="$(repo_root)/.snyk"
 set -e
 kosli_attest_snyk "${KOSLI_HOST_STAGING}" "${KOSLI_API_TOKEN_STAGING}"
diff --git a/snyk.policy b/snyk.policy
deleted file mode 100644
index feb8ae5..0000000
--- a/snyk.policy
+++ /dev/null
@@ -1 +0,0 @@
-# Do not delete this file - it is needed for the snyk_scans repo workflow
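Review bot: The policy path `"$(repo_root)/.snyk"` is now spelled out in two separate places, here in `--attachments` and again in `--policy-path` in the hunk at `@@ -119,7`, so the file attested as evidence and the file the scan actually applied can drift apart on the next rename. A single helper used by both call sites, for example `snyk_policy_path() { echo "$(repo_root)/.snyk"; }`, keeps the attestation tied to the policy that was really in force. The body of kosli_attest_snyk starts outside this hunk, so the helper would sit above it.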
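Review bot: Nothing next to the new `--policy-path="$(repo_root)/.snyk"` argument records why the name is fixed or checks that the file is present; the commit message says a policy file with any other name is ignored without warning, and that knowledge currently lives only in git history. A comment above the scan command (which starts outside this hunk), such as `# The policy file must be named .snyk; snyk silently ignores any other name.`, would stop a later rename from quietly changing which ignores apply. A guard before the scan, `[ -f "$(repo_root)/.snyk" ] || exit 1`, would also turn an accidental deletion into a hard failure instead of depending on how the scan and the attestation react to a missing file, which this hunk does not show.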