add action summary, build steps

This commit is contained in:
Shane C 2024-09-06 10:03:37 -04:00
parent d51130a14b
commit 13e8182a8d
Signed by: shanec
GPG key ID: E46B5FEA35B22FF9
7 changed files with 27 additions and 9 deletions


@ -8,10 +8,11 @@ RUN CGO_ENABLED=0 go build -ldflags="-s -w" -trimpath -o build/goscan
FROM alpine:3.20
RUN apk --no-cache update && apk --no-cache upgrade
RUN apk --no-cache update && apk --no-cache upgrade && apk --no-cache add curl
COPY --from=builder /app/build/goscan /goscan
COPY ./entrypoint.sh /entrypoint.sh
RUN chmod +x /goscan
RUN chmod +x /goscan && chmod +x /entrypoint.sh
ENTRYPOINT ["/goscan"]
ENTRYPOINT ["/entrypoint.sh"]
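Review bot: curl is added to the runtime stage (`apk --no-cache add curl`) only so that entrypoint.sh can pipe a remote installer through sh on every run, which leaves a network fetch and an unpinned binary in the execution path of a security scanner. Installing gosec in the builder stage at a pinned release, e.g. `RUN go install github.com/securego/gosec/v2/cmd/gosec@<release tag>` followed by `COPY --from=builder /go/bin/gosec /usr/local/bin/gosec` (adjust to `$(go env GOPATH)/bin` if the builder image differs), keeps curl out of the final image and makes the scanner version part of the image digest. The builder stage itself starts above this hunk. Note also that gosec, as far as I know, resolves packages via the Go toolchain (`go list`), and alpine:3.20 ships none, so confirm the scan actually runs in this image before relying on it; if it does not, the final stage may need to stay on the Go image.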

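--- /dev/null
+++ b/action.yml
@@ -0,0 +1,5 @@
+name: 'GoSec Scanning'
+description: 'Scan codebase with gosec'
+runs:
+using: 'docker'
+image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'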
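Review bot: `image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'` pins nothing: every workflow run pulls whatever the mutable `latest` tag points to at that moment, so anyone who can overwrite that tag on the registry silently replaces the scanner that runs inside every repository using this action. Pin by digest, `image: 'docker://git.shadowhosting.xyz/actions/goscan@sha256:<digest>'`, or at least by an immutable version tag that build.sh produces, and bump it deliberately. A comment above the line noting how the digest is refreshed would help the next maintainer.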

3
build.sh Normal file

@ -0,0 +1,3 @@
#!/bin/sh
docker buildx build --platform=linux/amd64,linux/arm64/v8 --push -t git.shadowhosting.xyz/actions/goscan .
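Review bot: the build pushes only the implicit `latest` tag, so there is no immutable tag for action.yml to pin and no way to tell afterwards which commit produced the image that consumers are running. Add a second tag derived from the source, e.g. `-t git.shadowhosting.xyz/actions/goscan:$(git rev-parse --short HEAD)` (or a version argument), and start the script with `set -eu` so an unset variable or failed command cannot turn into a push of something unintended. If the buildx version in use supports it, `--provenance=true --sbom=true` would also attach attestations that let consumers verify what they pull.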


@ -10,6 +10,7 @@ import (
"github.com/kr/pretty"
"github.com/nao1215/markdown"
"github.com/owenrumney/go-sarif/sarif"
"github.com/sethvargo/go-githubactions"
"log"
"os"
"strconv"
@ -27,6 +28,8 @@ var rootCmd = &cobra.Command{
Short: "A brief description of your application",
Run: func(cmd *cobra.Command, args []string) {
action := githubactions.New()
cwd, err := os.Getwd()
if err != nil {
log.Fatalln(err)
@ -56,11 +59,6 @@ var rootCmd = &cobra.Command{
run := report.Runs[0]
outputFile, err := os.Create("output.md")
if err != nil {
log.Fatal(err)
}
var rows [][]string
sevCountMap := map[string]int{
"high": 0,
@ -127,7 +125,8 @@ var rootCmd = &cobra.Command{
}
markdownHandler := markdown.NewMarkdown(outputFile)
var markdownOutput strings.Builder
markdownHandler := markdown.NewMarkdown(&markdownOutput)
markdownHandler.H1("GoSec Results:")
markdownHandler.PlainText("<details>")
@ -165,6 +164,8 @@ var rootCmd = &cobra.Command{
log.Fatalln(err)
}
action.AddStepSummary(markdownOutput.String())
},
}
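Review bot: `action.AddStepSummary(markdownOutput.String())` is now the only place the report goes, since the commit removed the `output.md` file, and it depends on `GITHUB_STEP_SUMMARY` being set; I believe go-githubactions v1.3.0 panics if that file cannot be opened, and in any case nothing else surfaces the result when the variable is absent (local runs, or a runner without step-summary support) — please confirm against the library. A guard such as `if os.Getenv("GITHUB_STEP_SUMMARY") == "" { fmt.Print(markdownOutput.String()) } else { action.AddStepSummary(markdownOutput.String()) }` keeps the report visible either way. The `Run` closure this hunk ends starts above the hunk, and the unchecked `report.Runs[0]` in the earlier hunk predates this change.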

5
entrypoint.sh Normal file

@ -0,0 +1,5 @@
#!/bin/sh
curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin
gosec -no-fail -fmt sarif -out output.sarif ./...
/goscan
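Review bot: `curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin` executes whatever is on the `master` branch of a third-party repository, unpinned and unverified, as root inside the scanner on every run, so a compromised or simply changed upstream script runs with full access to the checked-out workspace. At minimum fetch the script from a tagged ref and pass the matching release as the trailing argument, `sh -s -- -b /usr/local/bin <release tag>`; better, install gosec at image build time so the entrypoint has no network dependency at all. The script also lacks `set -eu`, so if the install fails the `gosec` line errors out, `output.sarif` is never written, and `/goscan` runs against a missing file. Note that `-no-fail` means findings never affect the step status, which is fine if the summary is the intended reporting channel but worth stating in a comment.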

1
go.mod

@ -38,6 +38,7 @@ require (
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
github.com/sethvargo/go-githubactions v1.3.0 // indirect
github.com/skeema/knownhosts v1.2.2 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/spf13/afero v1.11.0 // indirect
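Review bot: `github.com/sethvargo/go-githubactions v1.3.0 // indirect` is placed in the indirect block, but cmd/root.go in this same commit imports it directly, so the marker is wrong; `go mod tidy` would move it to the direct `require` block without `// indirect`. This does not break the build, but it misstates which dependencies the module itself uses, which matters when auditing the dependency set.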

2
go.sum

@ -80,6 +80,8 @@ github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6g
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
github.com/sethvargo/go-githubactions v1.3.0 h1:Kg633LIUV2IrJsqy2MfveiED/Ouo+H2P0itWS0eLh8A=
github.com/sethvargo/go-githubactions v1.3.0/go.mod h1:7/4WeHgYfSz9U5vwuToCK9KPnELVHAhGtRwLREOQV80=
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/skeema/knownhosts v1.2.2 h1:Iug2P4fLmDw9f41PB6thxUkNUkJzB5i+1/exaj40L3A=
github.com/skeema/knownhosts v1.2.2/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo=