Jenkins Pipeline offers a straightforward way to integrate Snyk with your Jenkins test and deployment builds:
sh 'node -v'
sh 'npm prune'
sh 'npm install'
sh 'snyk test'
sh 'snyk monitor'
SNYK_TOKEN = credentials('SNYK_TOKEN')
Copy your API key from Your account and add it as
SNYK_TOKEN to Jenkins credentials. The CLI will use this value to authenticate by relying on the
SNYK_TOKEN environment variable.
Test stage will test your build for vulnerabilities, failing the build if new vulnerabilities are found.
Build stage will update your project's snapshot on Snyk, allowing us to update you with the most recent vulnerability disclosures that affect your project.
You can specify the
--org=your-org-name flag in both CLI commands to set the org against which tests and snapshots are performed.