fix: remove snyk, it does not work for this repo and dependabot will …

…do for security
segmentio · Mar 26, 2024 · 7562df8 · 7562df8
1 parent 48409ce
commit 7562df8
Showing 1 changed file with 2 additions and 14 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -363,21 +363,9 @@ jobs:
           KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
           KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
 
-  snyk:
-    runs-on: ubuntu-latest
-    needs: [test010, test270, test360]
-    steps:
-    - uses: actions/checkout@v3
-    - name: Run Snyk to check for vulnerabilities
-      uses: snyk/actions/golang@master
-      env:
-        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-      with:
-        args: --severity-threshold=high --fail-on=upgradable
-
 
   publish-ghcr:
-    needs: [setup, snyk]
+    needs: [setup]
     runs-on: ubuntu-latest
     if: ${{ ( github.ref_type == 'branch' ) && (( github.ref_name == 'master' ) || ( github.ref_name == 'v0' )) }}
     steps:
@@ -419,7 +407,7 @@ jobs:
     - run: echo "GHCR PUBLISH SUCCESSFUL"
 
   publish-dockerhub:
-    needs: [setup, snyk]
+    needs: [setup]
     environment: CICD
     env: 
       RELEASE_TAG: ${{ needs.setup.outputs.version-tag }}