Integrate Snyk into CI/CD

Snyk is a platform for testing software code. The Uleska Snyk tool supports vulnerability checking using Snyk's platform and their repository of vulnerable open-source libraries.

Security Stage SCA (Software Composition Analysis)
Type Proprietary
Frameworks Source code



1 You'll need a Snyk account and an API token for that account

How do I set it up?

Adding Snyk to your set of security tests is simple. You will add this testing tool to a version (security stage) that is set up to run static code analysis tests.

Create a connection to Snyk using your API token

You will need to add Snyk as a New Connection in your Uleska system:

  • In the Uleska Platform, click on the Configuration menu and select the 'Connections' tab
  • Click on 'Add Connection'
  • From the drop down list, select 'Generic Api Connection'
  • Add the URL for Snyk to your connection (
  • Add your API token as an "Access Token"

  • No further details are required.
  • Click 'Save'

Adding Snyk to your ToolKit

  • Create a new Toolkit (or edit an existing one) by following the Creating a Toolkit guide and selecting 'Snyk' as a tool.


  • Select your Snyk connection from the "Connection name" drop-down. You can also specify a number of other optional configuration values here such as:

    • Package File: The file that Snyk should inspect for package information. If this is left blank, Snyk will try to automatically detect which package/manifest file to scan.
    • Organisation: Specify a name to run Snyk commands tied to a specific organisation
    • Policy path: Manually pass a path to a Snyk policy file contained in the application's source code


  • Click 'Save'
  • Click "Save" at the bottom of the page

Now, any time you click 'Test Now' with this Toolkit, or make a request over the Uleska API or CLI with this Toolkit, the Snyk tool will be included to test your code and add any results to your vulnerabilities list.