Snyk
Summary​
Snyk is a security platform that allows team sto find and fix vulnerabilities in their code. You can use Snyk to drive insights into values such as:
- Vulnerabilities
Setup​
In order to connect Cortex to your Snyk instance, you’ll need to create a Snyk API Token, and add it under Settings → Snyk.
Service Registration​
Discovery​
Cortex uses the Git repository attached to the service in the Service Descriptor to automatically discover the associated Snyk projects. It does so by getting a list of all Snyk projects across all Snyk organizations, and finding any projects that are associated with the same repository.
Service Descriptor​
If you need to override the automatic discovery, you can define the following block in your Cortex Service Descriptor.
x-cortex-snyk:
projects:
- organizationId: 01234567-e65f-4b7b-a8b1-5b642894ec37
projectId: 01234567-e65f-4b7b-a8b1-5b642894ec37
The value for organizationId and projectId should be the organizationId and projectId as defined in Snyk.