constellation/.github/workflows/test-govulncheck.yml

50 lines
1.2 KiB
YAML
Raw Normal View History

2022-09-13 10:05:19 -04:00
name: Govulncheck
on:
2022-10-12 04:50:06 -04:00
workflow_dispatch:
2022-09-13 10:05:19 -04:00
push:
branches:
- main
paths:
- "**.go"
- "**/go.mod"
- "**/go.sum"
2022-09-13 10:05:19 -04:00
pull_request:
paths:
- "**.go"
- "**/go.mod"
- "**/go.sum"
2022-09-13 10:05:19 -04:00
jobs:
govulncheck:
name: govulncheck
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # tag=v3.1.0
with:
ref: ${{ github.event.pull_request.head.sha }}
2022-09-13 10:05:19 -04:00
- name: Install Dependencies
run: sudo apt-get update && sudo apt-get -y install libcryptsetup-dev libvirt-dev
- name: Setup Go environment
uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # tag=v3.3.1
2022-09-13 10:05:19 -04:00
with:
2022-10-06 13:31:12 -04:00
go-version: "1.19.2"
2022-09-13 10:05:19 -04:00
cache: true
- name: Get Go submodules
id: submods
shell: bash
run: |
mods=$(go list -f '{{.Dir}}/...' -m | xargs)
echo "Found mods: $mods"
echo "submods=${mods}" >> $GITHUB_OUTPUT
2022-09-13 10:05:19 -04:00
- name: Govulncheck
shell: bash
run: |
go install golang.org/x/vuln/cmd/govulncheck@latest
GOMEMLIMIT=5GiB govulncheck $(go list -f '{{.Dir}}/...' -m | xargs)