-
Notifications
You must be signed in to change notification settings - Fork 0
35 lines (34 loc) · 1.24 KB
/
golang.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
---
name: Quality Assurance
on:
push:
paths: ['**.go']
pull_request:
branches:
- master
types: [opened, edited, synchronize, reopened]
paths: ['**.go']
jobs:
quality-check:
strategy:
matrix:
go: [1.22.0]
os: ['ubuntu-latest']
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go }}
- name: Run govulncheck to scan for known vulnerabilities in dependencies.
run: go run golang.org/x/vuln/cmd/govulncheck@latest -test ./...
continue-on-error: true
- name: Run osv-scanner to scan for known vulnerabilities in dependencies.
run: go run github.com/google/osv-scanner/cmd/osv-scanner@latest -r .
continue-on-error: true
- name: Run securego/gosec to scan source for security problems
run: go run github.com/securego/gosec/v2/cmd/gosec@latest -exclude=G204,G302,G304 -quiet ./...
- name: Run go-critic for code linting
run: go run github.com/go-critic/go-critic/cmd/gocritic@latest check -enableAll ./...
- name: Run ineffassign to scan source for unused assignments
run: go run github.com/gordonklaus/ineffassign@latest ./...