From 67afad6e213bab7ce9a68f1ef032229f8fa65a23 Mon Sep 17 00:00:00 2001
From: Ivan Valdes <ivan@vald.es>
Date: Thu, 7 Mar 2024 14:46:13 -0800
Subject: [PATCH] Add govuln GitHub workflow

Signed-off-by: Ivan Valdes <ivan@vald.es>
---
 .github/workflows/govuln.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 .github/workflows/govuln.yaml

diff --git a/.github/workflows/govuln.yaml b/.github/workflows/govuln.yaml
new file mode 100644
index 00000000000..bec256d38b2
--- /dev/null
+++ b/.github/workflows/govuln.yaml
@@ -0,0 +1,19 @@
+---
+name: Go Vulnerability Checker
+on: [push, pull_request]
+permissions: read-all
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - id: goversion
+        run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT"
+      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+        with:
+          go-version: ${{ steps.goversion.outputs.goversion }}
+      - run: date
+      - run: |
+          set -euo pipefail
+
+          go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
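Review bot: The last step installs `govulncheck@latest`, which makes the scanner the one floating dependency in a workflow that otherwise pins `actions/checkout` and `actions/setup-go` to commit SHAs; a new upstream release changes what executes in CI without any change in this repository. Pinning a reviewed release, e.g. `go install golang.org/x/vuln/cmd/govulncheck@<PINNED_VERSION>` (placeholder for the tag you have vetted), keeps runs reproducible and routes scanner upgrades through review. Separately, `permissions: read-all` grants read access on every token scope, while the steps shown only check out and scan the code, so a `permissions:` mapping with just `contents: read` appears to be sufficient. Because the triggers are only `push` and `pull_request`, advisories published after the last commit are not picked up until the next push; adding a `schedule:` trigger would cover that gap.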