From 8a4c7af676c9e97b4522d97b045086ec9f32dbe1 Mon Sep 17 00:00:00 2001
From: shanduur-dell
Date: Wed, 2 Aug 2023 05:51:34 -0400
Subject: [PATCH 1/2] ci(linters): added golangci-lint
Signed-off-by: shanduur-dell
---
 .github/workflows/linters.yaml | 30 ++++++++++++++++++++++++++++++
 .golangci.yaml | 30 ++++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100644 .github/workflows/linters.yaml
 create mode 100644 .golangci.yaml
diff --git a/.github/workflows/linters.yaml b/.github/workflows/linters.yaml
new file mode 100644
index 0000000..e7aad32
--- /dev/null
+++ b/.github/workflows/linters.yaml
@@ -0,0 +1,30 @@
+name: linters
+
+on:
+ push:
+ branches: [main]
+ pull_request:
+ branches: ["**"]
+
+permissions:
+ contents: read
+
+jobs:
+ golangci-lint:
+ name: golangci-lint
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/setup-go@v4
+ with:
+ go-version: "1.20"
+ cache: false
+ - name: Checkout the code
+ uses: actions/checkout@v3.2.0
+ - name: Vendor packages
+ run: |
+ go mod vendor
+ - name: golangci-lint
+ uses: golangci/golangci-lint-action@v3
+ with:
+ version: v1.53
+ skip-cache: true
diff --git a/.golangci.yaml b/.golangci.yaml
new file mode 100644
index 0000000..56f5332
--- /dev/null
+++ b/.golangci.yaml
@@ -0,0 +1,30 @@
+run:
+ timeout: 20m
+ issue-exit-code: 0 # we will change this later
+ tests: true
+ skip-dirs-use-default: true
+ modules-download-mode: readonly
+
+issues:
+ max-issues-per-linter: 0
+ max-same-issues: 0
+ new: false
+
+output:
+ print-linter-name: true
+ sort-results: true
+ uniq-by-line: false
+ print-issued-lines: true
+
+linters:
+ disable-all: true
+ fast: false
+ enable:
+ # A stricter replacement for gofmt.
+ - gofumpt
+ # Inspects source code for security problems.
+ - gosec
+ # Check for correctness of programs.
+ - govet
+ # Drop-in replacement of golint.
+ - revive
From e173761ef74b2f78451b8d12bbdb741935c7a5d3 Mon Sep 17 00:00:00 2001
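Review bot: All three `uses:` references in the `golangci-lint` job of `.github/workflows/linters.yaml` are tags (`actions/setup-go@v4`, `actions/checkout@v3.2.0`, `golangci/golangci-lint-action@v3`), and a tag can be moved by the action's owner, so the code that runs in CI is not fixed by this file. Pinning each one to a full commit SHA and keeping the tag as a trailing comment makes the workflow reproducible and reviewable, for example `uses: golangci/golangci-lint-action@<full-commit-sha> # v3`. The top-level `permissions: contents: read` already limits what the job token can do and should stay as it is.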
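Review bot: `issue-exit-code: 0` under `run:` in `.golangci.yaml` makes golangci-lint exit successfully whatever it reports, so the new check stays green even when `gosec` or `govet` find problems, and the comment `# we will change this later` gives no condition or owner for the change. Tie it to a tracked task, e.g. `issue-exit-code: 0 # TODO(<tracking-issue>): set to 1 once existing findings are triaged`. If the existing backlog is the reason for the zero, `issue-exit-code: 1` together with the action's `only-new-issues: true` input in the workflow would gate new code without first clearing the backlog.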
From: Don Khan
Date: Tue, 22 Aug 2023 12:10:47 -0400
Subject: [PATCH 2/2] Use Trivy for scans Azure tool is deprecated so switching to Trivy.
---
 .github/workflows/actions.yaml | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/actions.yaml b/.github/workflows/actions.yaml
index 6d88a1a..8ffa697 100644
--- a/.github/workflows/actions.yaml
+++ b/.github/workflows/actions.yaml
@@ -73,10 +73,7 @@ jobs:
 run: go mod download
 - name: Build csm-topology Docker Image
 run: make clean build docker
- - name: Image scanner
- uses: Azure/container-scan@v0
+ - name: Run Trivy action
+ uses: aquasecurity/trivy-action@master
 with:
- image-name: csm-topology
- severity-threshold: HIGH
- env:
- DOCKLE_HOST: "unix:///var/run/docker.sock"
+ image-ref: csm-topology
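Review bot: The new Trivy step sets only `image-ref`, while the removed step carried `severity-threshold: HIGH`; with trivy-action's defaults (`exit-code` of 0, every severity reported) the job passes whatever the scan finds, so the image scan appears to change from a gate into a report. Restoring the gate takes two inputs under `with:`, `exit-code: "1"` and `severity: "HIGH,CRITICAL"`. The step also references `aquasecurity/trivy-action@master`, a moving branch, where `uses: aquasecurity/trivy-action@<full-commit-sha>` would fix what executes in CI. The job's earlier steps lie outside the hunk, so whether the scan result is consumed elsewhere cannot be seen from here.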