Once an administrator for your Snyk account has installed the Snyk controller on your Kubernetes cluster, add workloads for testing as follows:
You must have an account with Snyk and be onboarded to your organization by an administrator.
The integration must be configured between Snyk and your Kubernetes environment per organization.
Verify the integration is configured successfully by ensuring you have an Integration ID.
Once you’ve configured the integration between Snyk and your cluster, you can annotate your workloads in order to have them automatically added as projects for testing in Snyk.
Annotate any of the following workload types:
Add an annotation to the workload with the key
orgs.k8s.snyk.io/v1, entering the Organization ID as the value, in a comma-separated list.
You can also annotate a single workload to be added to multiple organizations.
Now, the Snyk controller automatically picks up on the changes to your workload and ensures that the workload is automatically imported to Snyk as a Snyk project.Example 1. Example of a Deployment YAML file annotated to be automatically imported into an organization
apiVersion: apps/v1 kind: Deployment metadata: name: my-app-deployment annotations: orgs.k8s.snyk.io/v1: cacb791e-07cc-4b10-b4be-64de19f532f1 spec: template: spec: containers: …
To annotate for multiple organizations, use a comma-separated list.
Once imported, the project remains in your Snyk organization even if you remove the annotation.
To remove the project from Snyk, you should delete the annotation and delete it from the Snyk UI or with the API.
Go to the Projects page, click Add project and select the Kubernetes option.
The import screen loads, similar to the one below, displaying all namespaces from the Kubernetes environment on the left and relevant namespace workloads on the right:
Select one or multiple namespaces from the left side and for each namespace, select one or multiple workloads to import from the right side.
When ready, click Add selected workloads from the top right of the screen. When the import completes, the Projects page loads and all workloads that you’ve imported appear, with a unique Kubernetes icon
Each item is named according to its Kubernetes metadata as follows: <namespace>/<kind>/<name>.
You can filter for Kubernetes projects only: