Refactor Snyk action config

.github/workflows/snyk.yaml

@@ -6,29 +6,12 @@ on:
 jobs:
   security:
     runs-on: ubuntu-latest
-
     steps:
       - uses: actions/checkout@v3
-      - uses: snyk/actions/setup@master
-        with:
-          snyk-version: v1.1032.0
-
-      - uses: actions/setup-java@v3
-        with:
-          distribution: temurin
-          java-version: 17
-
-      - name: Setup Gradle
-        uses: gradle/gradle-build-action@v2
 
-      - name: Run Snyk to check for vulnerabilities
+      - name: Run Snyk to check for JDK vulnerabilities
+        uses: snyk/actions/gradle-jdk17@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        run: >
-          snyk test
-          --all-projects
-          --configuration-matching="^runtimeClasspath$"
-          --fail-on=upgradable
-          --org=radar-base
-          --policy-path=.snyk
-          --severity-threshold=high
+        with:
+          args: --all-projects --configuration-matching="^runtimeClasspath$" --fail-on=upgradable --org=radar-base --policy-path=.snyk --severity-threshold=high

.snyk

@@ -0,0 +1,8 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+patch: {}
+exclude:
+  global:
+    - scripts/requirements.txt