Docker Image Scanning with Snyk and GitHub Actions

Published: at 08:09 PM

Overview

This episode is a show and tell on running vulnerability scans on Docker images using Snyk and GitHub Actions, and extracting the results using the Static Analysis Results Interchange Format (SARIF) so that they appear in the repository's code scanning alerts.

This episode walks through a scenario where a Docker image is built on a base image with known vulnerabilities, and the findings are rectified by upgrading the base image to a newer version.
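The workflow below is an added example of the pipeline the episode describes, not code from the episode or from the Snyk project itself. It builds the image from the repository's Dockerfile, scans it with the `snyk/actions/docker` action (which writes a `snyk.sarif` file by default), and uploads that file to GitHub code scanning. The image name `local/app:ci`, the `SNYK_TOKEN` secret name, the severity threshold and the action versions are assumptions; adjust them to your repository.

```yaml
# Added example workflow (not from the episode): build a Docker image,
# scan it with Snyk, and publish the SARIF results to GitHub code scanning.
name: docker-image-scan

on:
  push:
    branches: [main]
  pull_request:

permissions:
  contents: read
  security-events: write   # required for upload-sarif to create code scanning alerts

jobs:
  snyk-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # Build the image from the repository's Dockerfile. If the Dockerfile
      # pins an old base image, the scan below will surface its known CVEs;
      # bumping the base image version in the Dockerfile is the fix the
      # episode demonstrates.
      - name: Build image
        run: docker build -t local/app:ci .   # local/app:ci is an assumed tag

      # Scan the built image. continue-on-error keeps the job going so the
      # SARIF upload step still runs when vulnerabilities are found.
      - name: Scan image with Snyk
        uses: snyk/actions/docker@master
        continue-on-error: true
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}   # assumed secret name
        with:
          image: local/app:ci
          args: --file=Dockerfile --severity-threshold=high

      # Upload snyk.sarif so findings show up under Security > Code scanning.
      - name: Upload SARIF to GitHub code scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: snyk.sarif
```

Passing `--file=Dockerfile` lets Snyk attribute findings to the base image layer and suggest a base image upgrade, which is the remediation path the episode follows. Drop `continue-on-error` (or set a stricter `--severity-threshold`) once the base image is upgraded and you want the scan to block merges on new findings.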

References

https://github.com/snyk/actions

https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github
