From 3b184cd00a61790e1d1dec9088403fecf3d7d515 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jes=C3=BAs=20Garc=C3=ADa=20Crespo?= Date: Thu, 12 Oct 2023 18:22:15 +0000 Subject: [PATCH] Update GitHub workflows - Ensure that Gosec uses the version of Go of this repo. - Bump golangci-lint. --- .github/workflows/gosec.yml | 20 ++++++++++++++------ .github/workflows/lint.yml | 2 +- 2 files changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml index e6bcde1b..193003b6 100644 --- a/.github/workflows/gosec.yml +++ b/.github/workflows/gosec.yml @@ -12,9 +12,17 @@ jobs: env: GO111MODULE: on steps: - - name: Checkout Source - uses: actions/checkout@v4 - - name: Run Gosec Security Scanner - uses: securego/gosec@master - with: - args: "-exclude-dir=dashboard -exclude-dir=hack/genpkgs -exclude-dir=hack/pulumi -exclude-dir=internal/storage/persistence/ent/db -exclude-dir=internal/api/gen ./..." + - name: Checkout code + uses: actions/checkout@v4 + - name: Read Go version + id: go_version + run: echo "go_version=$(cat .go-version)" >> $GITHUB_OUTPUT + - name: Install Go (${{ steps.go_version.outputs.go_version }}) + uses: actions/setup-go@v4 + with: + go-version: ${{ steps.go_version.outputs.go_version }} + cache: true + - name: Install Gosec Security Scanner + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + - name: Run Gosec Security Scanner + run: gosec -exclude-dir=dashboard -exclude-dir=hack/ -exclude-dir=internal/api/gen -exclude-dir=internal/persistence/ent/db -exclude-dir=internal/persistence/ent/db ./... diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 3ff38317..03e0a771 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,5 +21,5 @@ jobs: - name: Run golangci-lint uses: golangci/golangci-lint-action@v3 with: - version: v1.52.2 + version: v1.54.2 args: --timeout=5m ./...