Added lib - tinymce

.circleci/config.yml

@@ -1,36 +1,15 @@
-version: 2 # use CircleCI 2.0
-jobs: # a collection of steps
-  build: # runs not using Workflows must have a `build` job as entry point
-    working_directory: ~/goof # directory where steps will run
-    docker: # run the steps with Docker
-      - image: circleci/node # ...with this image as the primary container; this is where all `steps` will run
-    steps: # a collection of executable commands
-      - checkout # special step to check out source code to working directory
-      - run:
-          name: update-npm
-          command: 'sudo npm install -g npm@latest'
-      - run:
-          name: install-snyk
-          command: 'sudo npm install -g snyk'     
-      - run: # installs json to html mapper
-          name: install-snyk-to-html
-          command: 'sudo npm install -g snyk-to-html'
-      - run: # run snyk auth - authenticate snyk use environment variables to add token
-          name: snyk auth
-          command: snyk auth $SNYK_TOKEN
-      - run: # run snyk monitor
-          name: snyk monitor
-          command: snyk monitor
-#       - run: # output to HTML
-#           name: snyk test to HTML
-#           command: snyk test --json | snyk-to-html -o results.html
-      - run: # build image
-          name: build image
-          command: docker build -t goof_docker .
-      - run: # snyk test image
-          name: snyk test image
-          command: snyk test --docker goof_docker 
-#       - store_artifacts:
-#           path: results.html
-#           destination: results.html
-
+version: 2.1
+orbs:
+  snyk: snyk/[email protected]
+jobs:
+  build:
+    docker:
+      - image: 'circleci/node:4.8.2'
+    steps:
+      - checkout
+      - run: npm install -q
+      - snyk/scan:
+          fail-on-issues: false
+          monitor-on-build: true
+          project: 'goof-circle'
+          token-variable: $SNYK_TOKEN

.github/workflows/main.yml

@@ -0,0 +1,19 @@
+name: Snyk Code (SAST) 
+on: 
+  push:
+jobs:
+  snyk:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Run Snyk to check SAST issues
+        uses: snyk/actions/setup@master
+      - name: Snyk Code Test
+        run: snyk code test --sarif > snyk.sarif
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN}
+      - name: Upload results to Github Code Scanning
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: snyk_sarif
+

app.Dockerfile

@@ -0,0 +1 @@
+FROM node:14.17

buildspec.yml

@@ -0,0 +1,20 @@
+version: 0.2
+
+env:
+  parameter-store:
+    # Requires that you have a secure string in AWS Secret Manager 
+    SNYK_TOKEN: "SNYK_TOKEN"
+    SNYK_ORG_ID: "SNYK_ORG_ID"
+    JIRA_PROJECT_ID: "JIRA_PROJECT_ID"
+
+phases:
+  install:
+    commands:
+      - npm install -g snyk 
+      - cd /tmp && wget https://github.com/snyk-tech-services/jira-tickets-for-new-vulns/releases/download/0.4.0/snyk-jira-sync-linux
+      - chmod -R +x snyk-jira-sync-linux && mv snyk-jira-sync-linux /codebuild/user/bin/ && cd -
+  build:
+    commands:
+      - npm install
+      - npm test  # Run your unit tests, etc
+      - snyk-jira-sync-linux -orgID="${SNYK_ORG_ID}" -token="${SNYK_TOKEN}" -jiraProjectID="${JIRA_PROJECT_ID}" -severity=high