fix: remove snyk, it does not work for this repo and dependabot will …

…do for security (#186) * fix: remove snyk, it does not work for this repo and dependabot will do for security * add test steps as dependencies for publishing docker images
segmentio · Mar 26, 2024 · b83ceba · b83ceba
1 parent 48409ce
commit b83ceba
Showing 1 changed file with 3 additions and 16 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -362,22 +362,9 @@ jobs:
           KAFKA_CFG_ADVERTISED_PORT: 9092
           KAFKA_CFG_AUTHORIZER_CLASS_NAME: kafka.security.authorizer.AclAuthorizer
           KAFKA_CFG_ALLOW_EVERYONE_IF_NO_ACL_FOUND: true
-
-  snyk:
-    runs-on: ubuntu-latest
-    needs: [test010, test270, test360]
-    steps:
-    - uses: actions/checkout@v3
-    - name: Run Snyk to check for vulnerabilities
-      uses: snyk/actions/golang@master
-      env:
-        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-      with:
-        args: --severity-threshold=high --fail-on=upgradable
-
-
+
   publish-ghcr:
-    needs: [setup, snyk]
+    needs: [setup, test010, test270, test360]
     runs-on: ubuntu-latest
     if: ${{ ( github.ref_type == 'branch' ) && (( github.ref_name == 'master' ) || ( github.ref_name == 'v0' )) }}
     steps:
@@ -419,7 +406,7 @@ jobs:
     - run: echo "GHCR PUBLISH SUCCESSFUL"
 
   publish-dockerhub:
-    needs: [setup, snyk]
+    needs: [setup, test010, test270, test360]
     environment: CICD
     env: 
       RELEASE_TAG: ${{ needs.setup.outputs.version-tag }}