Skip to content

feat: 🔧 Adding container image build (#2) #5

feat: 🔧 Adding container image build (#2)

feat: 🔧 Adding container image build (#2) #5

Workflow file for this run

name: Go
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: "1.20"
- name: Build
run: go build -v ./...
- name: Test
run: go test -v ./...
- name: Run Trivy vulnerability scanner on source code
uses: aquasecurity/trivy-action@master
with:
scan-type: "fs"
ignore-unfixed: true
format: "sarif"
output: "trivy-results.sarif"
severity: "CRITICAL"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "trivy-results.sarif"
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: "-no-fail -fmt sarif -out gosec-results.sarif ./..."
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: gosec-results.sarif