Commit

Added documentation for ignoring file paths in Snyk scans
Adding documentation showing users how to exclude file paths from the scans.
jperezdealgaba committed Jan 16, 2025
1 parent 33833c0 commit 580a491
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc
Expand Up @@ -48,6 +48,18 @@ NOTE: You can run a Snyk task only if you have a Snyk token configured in a name

You've enabled the Snyk task for your build pipeline.

In case multiple components are maintained in a single git repository, Snyk Code is unable to distinguish which directories contain the source code for which component. Consequently, Snyk Code reports duplicated findings because it always scans the whole git repository rather than scanning each component separately. As a workaround for this limitation of Snyk Code, one can use the `IGNORE_FILE_PATHS` parameter of the sast-snyk-check task to specify which directories should be ignored while scanning a specific component. Namely, one can use the parameter to make Snyk Code ignore directories that are used for build of other components maintained in the same git repository.

Check failure on line 51 in docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc

GitHub Actions / vale

[vale] reported by reviewdog 🐶 [RedHat.Spacing] Keep one space between words in 'component. Consequently'. Raw Output: {"message": "[RedHat.Spacing] Keep one space between words in 'component. Consequently'.", "location": {"path": "docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc", "range": {"start": {"line": 51, "column": 159}}}, "severity": "ERROR"}

Check failure on line 51 in docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc

GitHub Actions / vale

[vale] reported by reviewdog 🐶 [RedHat.Spacing] Keep one space between words in 'separately. As'. Raw Output: {"message": "[RedHat.Spacing] Keep one space between words in 'separately. As'.", "location": {"path": "docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc", "range": {"start": {"line": 51, "column": 308}}}, "severity": "ERROR"}

Check failure on line 51 in docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc

GitHub Actions / vale

[vale] reported by reviewdog 🐶 [RedHat.Spacing] Keep one space between words in 'component. Namely'. Raw Output: {"message": "[RedHat.Spacing] Keep one space between words in 'component. Namely'.", "location": {"path": "docs/modules/ROOT/pages/how-tos/testing/build/snyk.adoc", "range": {"start": {"line": 51, "column": 518}}}, "severity": "ERROR"}

This parameter takes a list of comma-separated file paths (directories and files) to be ignored.

Example:
----
- name: IGNORE_FILE_PATHS
value: "tests/,Dockerfile,README.md"
----
This action will make use of the `snyk ignore` command.
[role="_additional-resources"]
== Additional resources
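
Review bot: The `Example:` block ignores `tests/,Dockerfile,README.md`, which does not illustrate the use case the new paragraph gives for `IGNORE_FILE_PATHS`, namely excluding directories that are used to build other components in the same git repository. Consider an example that shows that case, such as `value: "component-b/,component-c/"` (hypothetical directory names), and state what the paths are resolved against (presumably the repository root) and whether anything other than literal files and directories is accepted. Since an ignored path yields no Snyk Code findings in that component's scan, it would also help to add a sentence telling readers to confirm that each ignored directory is still scanned by the pipeline of the component that owns it. The sentence "This action will make use of the `snyk ignore` command." reads as an implementation detail with no consequence for the reader; either explain what it means for them or drop it. Separately, the three vale `RedHat.Spacing` errors on line 51 (double spaces after "component.", "separately." and "component.") need fixing before this can pass CI.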

0 comments on commit 580a491