Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GoKART integration #600

Closed
kuritka opened this issue Sep 6, 2021 · 0 comments
Closed

GoKART integration #600

kuritka opened this issue Sep 6, 2021 · 0 comments
Assignees
@kuritka
Labels
enhancement New feature or request
Milestone
0.9

Comments

@kuritka
Copy link
Collaborator

kuritka commented Sep 6, 2021
edited
Loading

Consider using the praetorian-inc/GoKart scanner in k8gb. If it pays off, integrate with k8gb local checkers.

  • Fix any errors the scanner finds
  • Integrate with local development environment. Ignore CI/CD
  • If everything passes, focus on the GoKart CICD in the new issue (GoKart action - https://github.com/kitabisa/gokart-action)
@kuritka kuritka self-assigned this Sep 6, 2021
@kuritka kuritka added this to the 0.9 milestone Sep 6, 2021
@kuritka kuritka added the enhancement New feature or request label Sep 6, 2021
kuritka added a commit that referenced this issue Sep 7, 2021
@kuritka
Local GoKart
7378b27 
related to #600
I was looking to see if GoKArt is part of golang-ci - not at the moment.
I have added a make target gokart. Static analysis came out very well, no code changes needed.
GoKart is checking code including imported packages, see output:

```shell
Using config found at /Users/ab011th/.gokart/analyzers.yml

Revving engines VRMMM VRMMM
3...2...1...Go!

Race Complete! Analysis took 1.862020787s and 569 Go files were scanned (including imported packages)
GoKart found 0 potentially vulnerable functions
```

Signed-off-by: kuritka <kuritka@gmail.com>
kuritka added a commit that referenced this issue Sep 7, 2021
@kuritka
Local GoKart
29aac5b 
related to #600
I was looking to see if GoKArt is part of golang-ci - not at the moment.
I have added a make target gokart. Static analysis came out very well, no code changes needed.
GoKart is checking code including imported packages, see output:

```shell
Using config found at /Users/ab011th/.gokart/analyzers.yml

Revving engines VRMMM VRMMM
3...2...1...Go!

Race Complete! Analysis took 1.862020787s and 569 Go files were scanned (including imported packages)
GoKart found 0 potentially vulnerable functions
```

Signed-off-by: kuritka <kuritka@gmail.com>
kuritka added a commit that referenced this issue Sep 7, 2021
@kuritka
Gokart action
3707262 
related to #600
I considered using a go-kart action. Unfortunately it is not yet mature enough to use it
([1](kitabisa/gokart-action#2), [2](kitabisa/gokart-action#1)).

During the processing `build.yaml` I run gokart the same way as for example golic.

Signed-off-by: kuritka <kuritka@gmail.com>
kuritka added a commit that referenced this issue Sep 7, 2021
@kuritka
Gokart action
cae3d66 
closes #600
I considered using a go-kart action. Unfortunately it is not yet mature enough to use it ([[1]](kitabisa/gokart-action#2), [[2]](kitabisa/gokart-action#1)).
During the processing `build.yaml` I run gokart the same way as for example golic.

Signed-off-by: kuritka <kuritka@gmail.com>
@kuritka kuritka mentioned this issue Sep 7, 2021
Merged
kuritka added a commit that referenced this issue Sep 8, 2021
@kuritka
Local GoKart (#603)
12611a4 
related to #600
I was looking to see if GoKArt is part of golang-ci - not at the moment.
I have added a make target gokart. Static analysis came out very well, no code changes needed.
GoKart is checking code including imported packages, see output:

```shell
Using config found at /Users/ab011th/.gokart/analyzers.yml

Revving engines VRMMM VRMMM
3...2...1...Go!

Race Complete! Analysis took 1.862020787s and 569 Go files were scanned (including imported packages)
GoKart found 0 potentially vulnerable functions
```

Signed-off-by: kuritka <kuritka@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kuritka kuritka

Labels
enhancement New feature or request
Projects
None yet
Milestone
0.9
Development

No branches or pull requests
1 participant
@kuritka