restructure and adding functionality

src/security.sh

@@ -0,0 +1,34 @@
+#!/bin/bash
+
+set -eo pipefail
+
+if [[ "$STATIC_FLAG" == "no" && "$VULN_SCAN" == "no" ]]; then
+    echo "[INFO] no security flags set, skipping!";
+    exit 0;
+fi
+
+if [[ "$STATIC_FLAG" == "yes" ]]; then
+    if gosec ./...; then
+        echo "[INFO] gosec passed!";
+    else
+        if [[ "$STATIC_FAIL" == "yes" ]]; then
+            echo "[FATAL] gosec failed!";
+            exit 1;
+        else
+            echo "[INFO] gosec failed!";
+        fi
+    fi
+fi
+
+if [[ "$VULN_CHECK" == "yes" ]]; then
+    if govulncheck ./...; then
+        echo "[INFO] govulncheck passed!";
+    else
+        if [[ "$VULN_FAIL" == "yes" ]]; then
+            echo "[FATAL] govulncheck failed!"
+            exit 1;
+        else
+            echo "[INFO] govulncheck failed!"
+        fi
+    fi
+fi