AcademySoftwareFoundation / openvdb

OpenVDB - Sparse volume data structure and tools
http://www.openvdb.org/
Mozilla Public License 2.0

CI - Add Snyk Scanning #1800

Open dealako opened 5 months ago

dealako commented 5 months ago

This PR introduces a CI job to periodically scan the OpenVDB repository for security vulnerabilities. This CI job requires coordination with John Mertic (@jmertic) and/or the OpenVDB maintainers to add both the SNYK_ORG and SNYK_TOKEN GitHub secrets to the GitHub configuration. Once these secrets are added, then this PR can be merged with the appropriate review/approvals. The Snyk tool can be run on the command line at any time using:

snyk auth ${SNYK_TOKEN}

Your account has been authenticated. Snyk is now ready to be used.

snyk test --unmanaged --org=${SNYK_ORG}

Testing /Users/ddeal/projects/go/src/github.com/dealako/openvdb...

Tested 1 dependency for known issues, found 0 issues.

snyk monitor --unmanaged --org=${SNYK_ORG}

Monitoring /Users/ddeal/projects/go/src/github.com/dealako/openvdb (openvdb)...

Explore this snapshot at https://app.snyk.io/...

Notifications about newly disclosed issues related to these dependencies will be emailed to you.

Contact John Mertic (@jmertic) to access the above secrets or to gain access to the Snyk console.

Signed-off-by: David Deal <ddeal@linuxfoundation.org>
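A scheduled GitHub Actions job of the kind the description above refers to could look like the following; this is an added example, not the workflow from this PR or from the OpenVDB repository. The file path, job name, cron schedule and the `npm` install step are assumptions; the `snyk` commands and the two secret names are the ones quoted above.

```yaml
# Hypothetical file: .github/workflows/snyk.yml (path and names are assumptions)
name: Snyk scan (example)

on:
  schedule:
    - cron: '0 6 * * 1'      # constructed schedule: Mondays 06:00 UTC
  workflow_dispatch: {}       # allow a manual run

# The scan only reads the source tree, so the job token gets read access only.
permissions:
  contents: read

jobs:
  snyk:
    # Forks do not have the secrets configured; skip the job there.
    if: github.repository == 'AcademySoftwareFoundation/openvdb'
    runs-on: ubuntu-latest
    env:
      # The Snyk CLI reads SNYK_TOKEN from the environment, so the token
      # never has to appear on a command line or in the job log.
      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
      SNYK_ORG: ${{ secrets.SNYK_ORG }}
    steps:
      - uses: actions/checkout@v4   # pin to a reviewed commit SHA in practice
      - name: Install Snyk CLI
        run: npm install -g snyk
      - name: Fail early if the secrets are missing
        run: |
          : "${SNYK_TOKEN:?SNYK_TOKEN secret is not configured}"
          : "${SNYK_ORG:?SNYK_ORG secret is not configured}"
      # Record the snapshot first: snyk test exits non-zero when it finds
      # issues, which would otherwise skip the monitor step.
      - name: Record snapshot for ongoing monitoring
        run: snyk monitor --unmanaged --org="$SNYK_ORG"
      - name: Test for known issues
        run: snyk test --unmanaged --org="$SNYK_ORG"
```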

linux-foundation-easycla[bot] commented 5 months ago

CLA Signed

The committers listed above are authorized under a signed CLA.

dealako commented 5 months ago

@jmertic - I requested EasyCLA corporate contributor authorization. You are listed as one of the CLA managers. :-)