26 lines
643 B
YAML
26 lines
643 B
YAML
name: "code scans"
|
|
on: [push, pull_request] #runs on pushes to any branch
|
|
|
|
jobs:
|
|
scans:
|
|
runs-on: smoke-test
|
|
steps:
|
|
- name: "clone code"
|
|
uses: actions/checkout@v4
|
|
|
|
- name: "install go"
|
|
uses: https://code.jakeyoungdev.com/actions/install-go@v0.1.3
|
|
with:
|
|
commands: |
|
|
golang.org/x/vuln/cmd/govulncheck@latest
|
|
|
|
- name: "dependency and stdlib scan"
|
|
uses: https://code.jakeyoungdev.com/actions/report-vulns@master
|
|
with:
|
|
manager: go
|
|
|
|
- name: "static code analysis"
|
|
uses: securego/gosec@master
|
|
with:
|
|
args: ./...
|