From bc1aed1936ea1d93b82711dc62dd3854456d3153 Mon Sep 17 00:00:00 2001
From: Chun-Hung Tseng <henrybear327@gmail.com>
Date: Thu, 13 Jun 2024 22:03:54 +0200
Subject: [PATCH] Fix govulncheck CI check on main branch

This commit fixed the Go Vulnerability Checker CI job, which isn't
scanning for all go.mod files within the project.

Reference:
- https://github.com/etcd-io/etcd/discussions/18168

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
---
 .github/workflows/govuln.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/govuln.yaml b/.github/workflows/govuln.yaml
index 89039b3584d..25c43571c1d 100644
--- a/.github/workflows/govuln.yaml
+++ b/.github/workflows/govuln.yaml
@@ -16,4 +16,6 @@ jobs:
       - run: |
           set -euo pipefail
 
-          go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
+          go install golang.org/x/vuln/cmd/govulncheck@latest
+
+          find -name go.mod -exec /bin/bash -c 'echo scanning $(dirname {}); govulncheck -C $(dirname {}) -show verbose ./...' \;