Merge pull request #614 from fluxcd/fix-snyk

ci: Fix Snyk code scanning

.github/workflows/scan.yaml

@@ -30,15 +30,22 @@ jobs:
     if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
     steps:
       - uses: actions/checkout@v3
-      - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/golang@master
+      - name: Setup Go
+        uses: actions/setup-gov3
+        with:
+          go-version: 1.19.x
+      - name: Download modules
+        run: |
+          make tidy
+      - uses: snyk/actions/setup@master
+      - name:  Run Snyk to check for vulnerabilities
         continue-on-error: true
+        run: |
+          snyk test --sarif-file-output=snyk.sarif
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --sarif-file-output=snyk.sarif
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: snyk.sarif