constellation/.github/workflows/test-govulncheck.yml

51 lines
1.3 KiB
YAML
Raw Normal View History

2022-09-13 16:05:19 +02:00
name: Govulncheck
on:
2022-10-12 10:50:06 +02:00
workflow_dispatch:
2022-09-13 16:05:19 +02:00
push:
branches:
- main
- "release/**"
2022-09-13 16:05:19 +02:00
paths:
- "**.go"
- "**/go.mod"
- "**/go.sum"
2022-09-13 16:05:19 +02:00
pull_request:
paths:
- "**.go"
- "**/go.mod"
- "**/go.sum"
2022-09-13 16:05:19 +02:00
jobs:
govulncheck:
name: govulncheck
runs-on: ubuntu-22.04
2022-09-13 16:05:19 +02:00
steps:
- name: Checkout
uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3.2.0
with:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
2022-09-13 16:05:19 +02:00
- name: Install Dependencies
run: sudo apt-get update && sudo apt-get -y install libcryptsetup-dev libvirt-dev
- name: Setup Go environment
uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
2022-09-13 16:05:19 +02:00
with:
go-version: "1.19.4"
2022-09-13 16:05:19 +02:00
cache: true
- name: Get Go submodules
id: submods
shell: bash
run: |
mods=$(go list -f '{{.Dir}}/...' -m | xargs)
echo "Found mods: $mods"
echo "submods=${mods}" >> "$GITHUB_OUTPUT"
2022-09-13 16:05:19 +02:00
- name: Govulncheck
shell: bash
run: |
go install golang.org/x/vuln/cmd/govulncheck@latest
GOMEMLIMIT=5GiB govulncheck "$(go list -f '{{.Dir}}/...' -m | xargs)"