From c821aea5315314a26ffa13e09e9e86017c95132f Mon Sep 17 00:00:00 2001
From: Madhu Rajanna
Date: Fri, 1 Mar 2024 10:46:33 +0100
Subject: [PATCH] ci: add gosec for golang security scanning
Adding gosec security scanning as a CI job to run on each PR to ensure we are good with security problems. More details at https://github.com/securego/gosec
Signed-off-by: Madhu Rajanna
---
.github/workflows/gosec.yaml | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
create mode 100644 .github/workflows/gosec.yaml
diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml
new file mode 100644
index 00000000000..516cbcef10f
--- /dev/null
+++ b/.github/workflows/gosec.yaml
@@ -0,0 +1,19 @@
+---
+name: Run Gosec
+# yamllint disable-line rule:truthy
+on:
+ pull_request:
+ branches:
+ - devel
+jobs:
+ tests:
+ runs-on: ubuntu-latest
+ env:
+ GO111MODULE: on
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v4
+ - name: Run Gosec Security Scanner
+ uses: securego/gosec@master
+ with:
+ args: ./...
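Review bot: The `uses: securego/gosec@master` step runs whatever the upstream default branch holds at job time, so any change to that repository executes in this project's CI without review here. Pin it to a release tag or, better, a full commit SHA, e.g. `uses: securego/gosec@<full-commit-sha>` (placeholder; take the value from the upstream releases), and let the dependency-update tooling bump it. The workflow also declares no `permissions:` block, so the job inherits the repository's default GITHUB_TOKEN scope. A scanner only needs to read the checkout, so a top-level `permissions:` with `contents: read` would make least privilege explicit. Separately, the unquoted `GO111MODULE: on` value will probably trip the same yamllint truthy rule that the `on:` key is exempted from; `GO111MODULE: "on"` avoids that and any YAML 1.1 boolean reading.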