build: disable snyk (#191)

Signed-off-by: Ben Stickel <[email protected]>
elastic · Jun 1, 2022 · 4f72a74 · 4f72a74
1 parent ebe2e26
commit 4f72a74
Showing 1 changed file with 32 additions and 32 deletions.
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -70,38 +70,38 @@ jobs:
         with:
           sarif_file: 'trivy-results.sarif'
 
-  snyk:
-    name: Snyk scanner
-    continue-on-error: true
-    if: (github.action != 'dependabot[bot]')
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      security-events: write
-      pull-requests: read
-      actions: write
-
-    steps:
-      -
-        name: Cancel previous workflows
-        uses: styfle/[email protected]
-        with:
-          access_token: ${{ secrets.GITHUB_TOKEN }}
-      -
-        uses: actions/checkout@v3
-      -
-        name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/golang@master
-        continue-on-error: true # To make sure that SARIF upload gets called
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --sarif-file-output=snyk-results.sarif
-      -
-        name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: snyk-results.sarif
+#  snyk:
+#    name: Snyk scanner
+#    continue-on-error: true
+#    if: (github.action != 'dependabot[bot]')
+#    runs-on: ubuntu-latest
+#    permissions:
+#      contents: read
+#      security-events: write
+#      pull-requests: read
+#      actions: write
+#
+#    steps:
+#      -
+#        name: Cancel previous workflows
+#        uses: styfle/[email protected]
+#        with:
+#          access_token: ${{ secrets.GITHUB_TOKEN }}
+#      -
+#        uses: actions/checkout@v3
+#      -
+#        name: Run Snyk to check for vulnerabilities
+#        uses: snyk/actions/golang@master
+#        continue-on-error: true # To make sure that SARIF upload gets called
+#        env:
+#          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+#        with:
+#          args: --sarif-file-output=snyk-results.sarif
+#      -
+#        name: Upload result to GitHub Code Scanning
+#        uses: github/codeql-action/upload-sarif@v2
+#        with:
+#          sarif_file: snyk-results.sarif
 
   semgrep:
     name: Static analysis (semgrep)