main by @takokun778 go vulnerability #611

	name: go vulnerability
	run-name: ${{ github.ref_name }} by @${{ github.actor }} ${{ github.workflow }}
	on:
	schedule:
	- cron: '0 15 * * *'
	pull_request:
	paths:
	- .github/workflows/go.vulnerability.yaml
	- "*/.go"
	- go.mod
	- go.sum
	jobs:
	nancy:
	runs-on: ubuntu-22.04
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Set up Go
	uses: actions/setup-go@v4
	with:
	go-version-file: go.mod
	- name: Set up nancy
	run: go install github.com/sonatype-nexus-community/nancy@latest
	- name: Nancy vulnerability scan
	run: go list -json -deps ./... \| nancy sleuth --loud
	trivy:
	if: github.event_name == 'schedule'
	runs-on: ubuntu-22.04
	steps:
	- name: Checkout
	uses: actions/checkout@v3
	- name: Set up Go
	uses: actions/setup-go@v4
	with:
	go-version-file: go.mod
	- name: Setup aqua
	uses: aquaproj/aqua-installer@v2.1.2
	with:
	aqua_version: v2.15.0
	- name: Install ko
	run: ${AQUA_ROOT_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/aquaproj-aqua}/bin/aqua install -t ko
	- name: Set up trivy
	run: \|
	sudo apt-get install wget apt-transport-https gnupg lsb-release
	wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key \| gpg --dearmor \| sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
	echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" \| sudo tee -a /etc/apt/sources.list.d/trivy.list
	sudo apt-get update
	sudo apt-get install trivy
	- name: Trivy vulnerability scan core container
	working-directory: ./cmd/app
	run: trivy image $(ko publish --local .)

Provide feedback