name: Snyk
on:
 workflow_dispatch:
 push:
    branches:
      - main
jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@master
      - uses: snyk/actions/setup@master
      - name: update lockfile
        run: ./update-gemfile-lock.sh
      - name: Run Snyk to check for vulnerabilities
        run: snyk monitor --file=Gemfile.lock
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_DIO_KEY }}