diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 241807be0..40e865384 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,6 +3,9 @@ name: Checkmarx One CLI on: pull_request: +env: + GO_VERSION: 1.18.x + jobs: unit-tests: runs-on: ubuntu-latest @@ -14,7 +17,7 @@ jobs: - name: Set up Go 1.17.x uses: actions/setup-go@v2 with: - go-version: 1.17.x + go-version: ${{ env.GO_VERSION }} - name: Setup git run: git config --global url."https://${{ secrets.PERSONAL_ACCESS_TOKEN }}:@github.com/".insteadOf "https://github.com" - name: go test with coverage @@ -46,7 +49,7 @@ jobs: - name: Set up Go 1.17.x uses: actions/setup-go@v2 with: - go-version: 1.17.x + go-version: ${{ env.GO_VERSION }} - name: Go Build run: go build -o ./bin/cx ./cmd - name: Go Integration test @@ -58,7 +61,7 @@ jobs: CX_BASE_AUTH_URI: ${{ secrets.CX_BASE_AUTH_URI }} CX_AST_USERNAME: ${{ secrets.CX_AST_USERNAME }} CX_AST_PASSWORD: ${{ secrets.CX_AST_PASSWORD }} - CX_APIKEY: ${{ secrets.CX_APIKEY }} + CX_APIKEY: ${{ secrets.CX_APIKEY }} CX_TENANT: ${{ secrets.CX_TENANT }} CX_SCAN_SSH_KEY: ${{ secrets.CX_SCAN_SSH_KEY }} PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} @@ -113,7 +116,7 @@ jobs: - name: Set up Go 1.17.x uses: actions/setup-go@v4 with: - go-version: 1.17.x + go-version: ${{ env.GO_VERSION }} - name: Setup git run: git config --global url."https://${{ secrets.PERSONAL_ACCESS_TOKEN }}:@github.com/".insteadOf "https://github.com" - name: golangci-lint @@ -122,3 +125,12 @@ jobs: version: v1.54.2 args: -c .golangci.yml only-new-issues: true + govulncheck: + runs-on: ubuntu-latest + name: govulncheck + steps: + - id: govulncheck + uses: golang/govulncheck-action@v1 + with: + go-version-input: ${{ env.GO_VERSION }} + go-package: ./... \ No newline at end of file