X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=shell%2Fsnyk-cli-scanner-run.sh;h=ed667cfb6e32243a73a83a7305ae0bdeb2b7c427;hb=532e97b5b965cab5ace406d8ecc845afc98920ac;hp=7e42784df15a0e8f269f74f95a88337640e9c48d;hpb=b77bddde465b9754c9a1acd89d4843d478025869;p=releng%2Fglobal-jjb.git

diff --git a/shell/snyk-cli-scanner-run.sh b/shell/snyk-cli-scanner-run.sh
index 7e42784d..ed667cfb 100644
--- a/shell/snyk-cli-scanner-run.sh
+++ b/shell/snyk-cli-scanner-run.sh
@@ -9,7 +9,16 @@
 # http://www.eclipse.org/legal/epl-v10.html
 ##############################################################################
 echo "---> snyk-cli-scanner-run.sh"
+# shellcheck disable=SC1090
+source ~/lf-env.sh
 
+# Install Snyk CLI dependencies for Python
+if [[ "$JOB_NAME" =~ "python" ]]; then
+    # Install Snyk CLI dependencies for Python based projects
+    lf-activate-venv flask flask-api flask-cors pg8000 pandas
+else
+    lf-activate-venv
+fi
 # Add mvn to PATH so that the Snyk CLI can use it
 export PATH=$PATH:"$M2_HOME"/bin
 # Download and install the latest Snyk scanner
@@ -22,5 +31,12 @@ snyk --version
 echo "Authenticate with SNYK_TOKEN..."
 snyk auth "$SNYK_CLI"
 echo "Running Snyk CLI..."
-snyk test --json --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"
-snyk monitor --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"
+if [[ "$JOB_NAME" =~ "docker" ]]; then
+    snyk container test "$SNYK_CLI_OPTIONS" \
+        "$CONTAINER_PULL_REGISTRY/$DOCKER_NAME:$DOCKER_IMAGE_TAG" --org="$SNYK_ORG"
+    snyk container monitor "$SNYK_CLI_OPTIONS" \
+        "$CONTAINER_PULL_REGISTRY/$DOCKER_NAME:$DOCKER_IMAGE_TAG" --org="$SNYK_ORG"
+else
+    snyk test --json --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"
+    snyk monitor --severity-threshold=low "$SNYK_CLI_OPTIONS" --org="$SNYK_ORG"
+fi