I need to run a Snyk scan for an Azure container and set it to fail only when new vulnerabilities are found compared to the previous image.
I followed the snyk-delta documentation to configure the task in Azure, but the tasks are failing.
Suggestions are to use the Snyk CLI to scan in the Azure pipeline.
Not sure how to configure it.
We want to add a snyk-delta scan to our pipeline by adding a CLI script, without using the Snyk extension.
Any suggestions on how to do this?
2 Answers
Currently, we can use the Snyk Security task to scan in the Azure pipeline.
https://docs.snyk.io/integrations/ci-cd-integrations/azure-pipelines-integration/add-the-snyk-security-task-to-your-pipelines
For the Snyk CLI, you can try: https://docs.snyk.io/more-info/getting-started/snyk-integrations/docker/scanning-with-the-docker-cli
You can also use a few templates that are shared here:
https://github.com/snyk-labs/snyk-cicd-integration-examples
You can also send suggestions by sending a pull request there.
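
The "fail only on new vulnerabilities" gate from the question, as an added example that is not part of the original posts and is not snyk-delta's own code: a manual comparison of two saved Snyk JSON reports, one for the previous image and one for the new one. It assumes each report is a single result object with a `vulnerabilities` array; the file name `delta.py` and the sample issue IDs are constructed placeholders.

```python
import json
import sys

SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}

# Constructed sample reports (placeholder issue IDs), shaped like the
# "vulnerabilities" array in `snyk container test <image> --json` output.
BASELINE = {"vulnerabilities": [
    {"id": "SNYK-EXAMPLE-0001", "packageName": "openssl", "version": "1.1.1k", "severity": "high"},
    {"id": "SNYK-EXAMPLE-0002", "packageName": "zlib", "version": "1.2.11", "severity": "medium"},
]}
CURRENT = {"vulnerabilities": [
    # Same issue after a package bump: still present, so not "new".
    {"id": "SNYK-EXAMPLE-0001", "packageName": "openssl", "version": "1.1.1n", "severity": "high"},
    # Listed twice because Snyk reports an issue once per dependency path.
    {"id": "SNYK-EXAMPLE-0003", "packageName": "curl", "version": "7.74.0", "severity": "critical"},
    {"id": "SNYK-EXAMPLE-0003", "packageName": "curl", "version": "7.74.0", "severity": "critical"},
    {"id": "SNYK-EXAMPLE-0004", "packageName": "bash", "version": "5.1", "severity": "low"},
]}

def issue_keys(report):
    """Index a report by (issue id, package), collapsing duplicate paths."""
    return {(v["id"], v["packageName"]): v for v in report.get("vulnerabilities", [])}

def new_vulns(baseline, current, min_severity="low"):
    """Issues in `current` that are absent from `baseline`, at or above min_severity."""
    known = issue_keys(baseline)
    floor = SEVERITY_RANK[min_severity]
    found = [v for key, v in issue_keys(current).items()
             if key not in known and SEVERITY_RANK.get(v.get("severity"), 0) >= floor]
    return sorted(found, key=lambda v: (-SEVERITY_RANK.get(v.get("severity"), 0), v["id"]))

def main(argv):
    if len(argv) != 3:
        print("usage: delta.py BASELINE.json CURRENT.json", file=sys.stderr)
        return 2
    with open(argv[1]) as b, open(argv[2]) as c:
        fresh = new_vulns(json.load(b), json.load(c))
    for v in fresh:
        print(f'NEW {v["severity"]:8} {v["id"]} in {v["packageName"]}@{v["version"]}')
    return 1 if fresh else 0  # non-zero exit fails the pipeline step

if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

The two input files can be written with `snyk container test <image> --json-file-output=<file>`; that command itself exits non-zero when it finds any vulnerability, so the scan step has to be allowed to continue for this comparison to be the deciding gate.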