Merge pull request #114 from puppetlabs/add_snyk

add snyk scanning

Author: LivingInSyn

.github/workflows/snyk.yml

@@ -0,0 +1,22 @@
+name: Snyk Scan
+on:
+ workflow_dispatch:
+ push:
+    branches:
+      - main
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - uses: snyk/actions/setup@master
+      - name: setup ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.7
+      - name: create lock
+        run: bundle lock
+      - name: run snyk
+        run: snyk monitor --file=Gemfile.lock --project-name=${{github.repository}}:Gemfile.lock
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_FOSS_KEY }}