From f81c2543cdd88025d7dc09ccd666605b4ccaf04e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 13:35:27 +0200
Subject: [PATCH 1/6] Create snyk-security.yml

---
 .github/workflows/snyk-security.yml | 79 +++++++++++++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 .github/workflows/snyk-security.yml

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
new file mode 100644
index 0000000..688216f
--- /dev/null
+++ b/.github/workflows/snyk-security.yml
@@ -0,0 +1,79 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# A sample workflow which sets up Snyk to analyze the full Snyk platform (Snyk Open Source, Snyk Code,
+# Snyk Container and Snyk Infrastructure as Code)
+# The setup installs the Snyk CLI - for more details on the possible commands
+# check https://docs.snyk.io/snyk-cli/cli-reference
+# The results of Snyk Code are then uploaded to GitHub Security Code Scanning
+#
+# In order to use the Snyk Action you will need to have a Snyk API token.
+# More details in https://github.com/snyk/actions#getting-your-snyk-token
+# or you can signup for free at https://snyk.io/login
+#
+# For more examples, including how to limit scans to only high-severity issues
+# and fail PR checks, see https://github.com/snyk/actions/
+
+name: Snyk Security
+
+on:
+  push:
+    branches: ["main", "develop"]
+  pull_request:
+    branches: ["main", "develop"]
+
+permissions:
+  contents: read
+
+jobs:
+  snyk:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    runs-on: macos-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Snyk CLI to check for security issues
+        # Snyk can be used to break the build when it detects security issues.
+        # In this case we want to upload the SAST issues to GitHub Code Scanning
+        uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
+
+        # For Snyk Open Source you must first set up the development environment for your application's dependencies
+        # For example for Node
+        #- uses: actions/setup-node@v3
+        #  with:
+        #    node-version: 16
+
+        env:
+          # This is where you will need to introduce the Snyk API token created with your Snyk account
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+        # Runs Snyk Code (SAST) analysis and uploads result into GitHub.
+        # Use || true to not fail the pipeline
+      - name: Snyk Code test
+        run: snyk code test --sarif > snyk-code.sarif # || true
+
+        # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk.
+      - name: Snyk Open Source monitor
+        run: snyk monitor --all-projects
+
+        # Runs Snyk Infrastructure as Code (IaC) analysis and uploads result to Snyk.
+        # Use || true to not fail the pipeline.
+      - name: Snyk IaC test and report
+        run: snyk iac test --report # || true
+
+        # Build the docker image for testing
+      - name: Build a Docker image
+        run: docker build -t your/image-to-test .
+        # Runs Snyk Container (Container and SCA) analysis and uploads result to Snyk.
+      - name: Snyk Container monitor
+        run: snyk container monitor your/image-to-test --file=Dockerfile
+
+        # Push the Snyk Code results into GitHub Code Scanning tab
+      - name: Upload result to GitHub Code Scanning
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: snyk-code.sarif

From 2aebd78802c6a13e60337d70c4b1cb03f4a1292a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 13:44:38 +0200
Subject: [PATCH 2/6] Update snyk-security.yml

---
 .github/workflows/snyk-security.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
index 688216f..b975014 100644
--- a/.github/workflows/snyk-security.yml
+++ b/.github/workflows/snyk-security.yml
@@ -40,12 +40,14 @@ jobs:
         # Snyk can be used to break the build when it detects security issues.
         # In this case we want to upload the SAST issues to GitHub Code Scanning
         uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
-
+        
         # For Snyk Open Source you must first set up the development environment for your application's dependencies
         # For example for Node
         #- uses: actions/setup-node@v3
         #  with:
         #    node-version: 16
+      - name: Install coreutils for macOS
+        run: brew install coreutils
 
         env:
           # This is where you will need to introduce the Snyk API token created with your Snyk account

From de385605a87509f832f2bb17b5e1ae92ed2c73e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 13:46:18 +0200
Subject: [PATCH 3/6] Update snyk-security.yml

---
 .github/workflows/snyk-security.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
index b975014..835e8a2 100644
--- a/.github/workflows/snyk-security.yml
+++ b/.github/workflows/snyk-security.yml
@@ -35,6 +35,8 @@ jobs:
       actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     runs-on: macos-latest
     steps:
+      - name: Install coreutils for macOS
+        run: brew install coreutils
       - uses: actions/checkout@v3
       - name: Set up Snyk CLI to check for security issues
         # Snyk can be used to break the build when it detects security issues.
@@ -46,8 +48,6 @@ jobs:
         #- uses: actions/setup-node@v3
         #  with:
         #    node-version: 16
-      - name: Install coreutils for macOS
-        run: brew install coreutils
 
         env:
           # This is where you will need to introduce the Snyk API token created with your Snyk account

From f8f550c4b342788bfc3d4eb3154f6ce53661bd17 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 13:56:30 +0200
Subject: [PATCH 4/6] Update snyk-security.yml

---
 .github/workflows/snyk-security.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
index 835e8a2..30226a6 100644
--- a/.github/workflows/snyk-security.yml
+++ b/.github/workflows/snyk-security.yml
@@ -56,7 +56,7 @@ jobs:
         # Runs Snyk Code (SAST) analysis and uploads result into GitHub.
         # Use || true to not fail the pipeline
       - name: Snyk Code test
-        run: snyk code test --sarif > snyk-code.sarif # || true
+        run: snyk code test --sarif > snyk-code.sarif || true
 
         # Runs Snyk Open Source (SCA) analysis and uploads result to Snyk.
       - name: Snyk Open Source monitor

From 87956a0e4440278a17aaeca500258f2c0755ef7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 14:02:51 +0200
Subject: [PATCH 5/6] Update snyk-security.yml

---
 .github/workflows/snyk-security.yml | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
index 30226a6..4c6b2e9 100644
--- a/.github/workflows/snyk-security.yml
+++ b/.github/workflows/snyk-security.yml
@@ -41,7 +41,7 @@ jobs:
       - name: Set up Snyk CLI to check for security issues
         # Snyk can be used to break the build when it detects security issues.
         # In this case we want to upload the SAST issues to GitHub Code Scanning
-        uses: snyk/actions/setup@806182742461562b67788a64410098c9d9b96adb
+        uses: snyk/actions/setup@master
         
         # For Snyk Open Source you must first set up the development environment for your application's dependencies
         # For example for Node
@@ -49,8 +49,13 @@ jobs:
         #  with:
         #    node-version: 16
 
+        #env:
+        #  # This is where you will need to introduce the Snyk API token created with your Snyk account
+        #  SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        
+      - name: Snyk monitor 
+        run: snyk test
         env:
-          # This is where you will need to introduce the Snyk API token created with your Snyk account
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
 
         # Runs Snyk Code (SAST) analysis and uploads result into GitHub.

From 08d1c1236f87ece7bb4ca9da4ffaa0bb03d65080 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bogu=C5=9B=20=C5=81yczba=20Jr?= <lyzkov@gmail.com>
Date: Thu, 6 Jul 2023 14:15:35 +0200
Subject: [PATCH 6/6] Update snyk-security.yml

---
 .github/workflows/snyk-security.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
index 4c6b2e9..b2d390f 100644
--- a/.github/workflows/snyk-security.yml
+++ b/.github/workflows/snyk-security.yml
@@ -48,7 +48,8 @@ jobs:
         #- uses: actions/setup-node@v3
         #  with:
         #    node-version: 16
-
+      - run: cd Shifts
+      
         #env:
         #  # This is where you will need to introduce the Snyk API token created with your Snyk account
         #  SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}