Check gosec results in CI
The KinD tests action will now run the gosec-scan, and that target will
fail if any vulnerabilities are found. The target was also configured to
ignore the test code.

Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
JustinKuli authored and openshift-ci[bot] committed Apr 20, 2023
1 parent d6cb733 commit 8c251da
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/kind.yml
Expand Up @@ -47,11 +47,12 @@ jobs:
run: |
go mod verify
- name: Verify format
- name: Some quality checks
run: |
make fmt
git diff --exit-code
make lint
make gosec-scan
- name: Verify deploy/operator.yaml
run: |
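Review bot: The renamed step "Some quality checks" now runs `make fmt`, `git diff --exit-code`, `make lint` and `make gosec-scan` in one `run` block, so a red step does not show at a glance whether formatting, lint or the security scan failed. Consider giving the scan its own step (for example `- name: Run gosec` with `make gosec-scan`), which also keeps a gosec failure from being hidden when an earlier command in the block fails first. If the step stays combined, a more descriptive name than "Some quality checks" would help when reading the workflow summary.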
2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -177,7 +177,7 @@ gosec:

.PHONY: gosec-scan
gosec-scan: gosec
$(GOSEC) -fmt sonarqube -out gosec.json -no-fail -exclude-dir=.go ./...
$(GOSEC) -fmt sonarqube -out gosec.json -stdout -exclude-dir=.go -exclude-dir=test ./...

############################################################
# build section
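Review bot: On the new `$(GOSEC)` line, `-stdout` is combined with `-fmt sonarqube`, so the findings printed to the CI log will be in the sonarqube JSON format, which is hard to read when the job fails. gosec's `-verbose` flag overrides the format used for stdout while keeping the file format, so `-verbose text` would give a readable log and leave `gosec.json` unchanged. Separately, `-exclude-dir=test` skips every directory named `test`, including any non-test helpers that live there, and dropping `-no-fail` is what makes the target fail the build; a short comment above `gosec-scan` stating both would save the next reader from working that out from the flags.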