This repository provides shared security scanning infrastructure for all repositories in the rundeck-plugins organization.
The primary goal is centralized Snyk security scanning across all plugin repositories. This ensures consistent security standards and simplifies maintenance.
- `.github/workflows/snyk-scan-reusable.yml` - Central reusable workflow for security scanning
- `snyk-scan.yml` - Minimal template for implementing security scans
- `calling-workflow-example.yml` - Full configuration example with comments
- `snyk-scan-info.md` - Complete setup documentation and troubleshooting
- `profile/README.md` - Organization profile page content
See snyk-scan-info.md for detailed setup instructions and configuration options.
For repository maintainers:
- Copy `snyk-scan.yml` to your repository as `.github/workflows/security-scan.yml`
- Commit and push
- Security scans run automatically on pushes and pull requests
No additional configuration is required. All parameters are optional with sensible defaults.
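The following is an added example of what the copied caller workflow looks like once it is in a plugin repository; it is not the repository's own `snyk-scan.yml`. It assumes the reusable workflow is hosted in the organization's `rundeck-plugins/.github` repository on its `main` branch, and that the Snyk token is already an organization secret (so `secrets: inherit` passes it through without naming it).

```yaml
# Added example caller workflow for a plugin repository
# (.github/workflows/security-scan.yml). Assumption: the reusable
# workflow lives in rundeck-plugins/.github on branch "main".
name: Security Scan

# Scans run on pushes and pull requests; the reusable workflow itself
# detects whether the default branch is main or master.
on:
  push:
  pull_request:

# Least privilege for the caller: the reusable workflow only needs to
# read the source tree to send it to Snyk.
permissions:
  contents: read

jobs:
  snyk:
    # No inputs are passed: every parameter is optional with defaults.
    uses: rundeck-plugins/.github/.github/workflows/snyk-scan-reusable.yml@main
    # Forward the pre-configured organization secrets (the Snyk token)
    # to the called workflow without listing them here.
    secrets: inherit
```

If the reusable workflow later adds an input you want to override (for example a specific Java version from the supported 8/11/17/21 set), it goes under a `with:` block on the `snyk` job; with no `with:` block the defaults apply.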
- Automatic detection of main/master branches
- Pre-configured organization secrets
- Non-blocking security tests
- Results integrated with Snyk dashboard
- Support for Java 8, 11, 17, and 21
- Single point of maintenance for security scanning logic
- Consistent security standards across all repositories
- Easy updates to scanning procedures organization-wide
- Simplified onboarding for new repositories