File tree 7 files changed +66
-102
lines changed
7 files changed +66
-102
lines changed Load Diff This file was deleted.
Load Diff This file was deleted.
Load Diff This file was deleted.
Original file line number Diff line number Diff line change 1- name : golangci-lint
1+ name : Lint
22
33on :
44 push :
2222 # ------------------------------
2323
2424 golangci-lint :
25- name : lint
25+ name : golangci- lint
2626 runs-on : ubuntu-latest
2727 steps :
2828 - uses : actions/checkout@v4
4848 args : --timeout=5m
4949
5050 # ------------------------------
51+
52+ codeql-analyze :
53+ name : codeql-analyze
54+ runs-on : ubuntu-latest
55+
56+ permissions :
57+ security-events : write
58+ actions : read
59+ contents : read
60+
61+ steps :
62+ - uses : actions/checkout@v4
63+
64+ - uses : actions/setup-go@v5
65+ with :
66+ go-version-file : go.mod
67+
68+ - uses : github/codeql-action/init@v3
69+
70+ - uses : github/codeql-action/autobuild@v3
71+
72+ - uses : github/codeql-action/analyze@v3
Original file line number Diff line number Diff line change @@ -15,6 +15,7 @@ permissions:
1515jobs :
1616 goreleaser :
1717 runs-on : ubuntu-latest
18+ name : goreleaser
1819 env :
1920 DOCKER_CLI_EXPERIMENTAL : " enabled"
2021 steps :
Original file line number Diff line number Diff line change 1616
1717 govulncheck :
1818 runs-on : ubuntu-latest
19+ name : govulncheck
1920 steps :
2021 - uses : actions/checkout@v4
2122 with :
4344
4445 semgrep :
4546 runs-on : ubuntu-latest
47+ name : semgrep
4648 container :
4749 image : returntocorp/semgrep
4850 steps :
6163
6264 - name : semgrep
6365 run : semgrep scan --error --enable-nosem -f ./rules .
66+
67+ # ------------------------------
68+
69+ gitleaks :
70+ runs-on : ubuntu-latest
71+ name : gitleaks
72+ steps :
73+ - uses : actions/checkout@v4
74+ with :
75+ fetch-depth : 0
76+ ref : ${{ github.event.pull_request.head.sha }}
77+
78+ - uses : gitleaks/gitleaks-action@v2
79+ env :
80+ GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
81+ GITLEAKS_LICENSE : ${{ secrets.GITLEAKS_LICENSE}}
82+ if : ${{ env.GITLEAKS_LICENSE != '' }}
83+
84+ # -----------------------------
85+
86+ grype-scan :
87+ runs-on : ubuntu-latest
88+ name : grype-scan
89+
90+ permissions :
91+ security-events : write
92+ actions : read
93+ contents : read
94+
95+ steps :
96+ - uses : actions/checkout@v4
97+ with :
98+ ref : ${{ github.event.pull_request.head.sha }}
99+
100+ - uses : anchore/scan-action@v3
101+ with :
102+ path : " ."
103+ fail-build : true
Original file line number Diff line number Diff line change @@ -14,6 +14,7 @@ permissions:
1414jobs :
1515 test :
1616 runs-on : ubuntu-latest
17+ name : go test
1718 steps :
1819 - uses : actions/checkout@v4
1920 with :
You can’t perform that action at this time.
0 commit comments