download gosec at build
All checks were successful
Gosec Check / Gosec Check (push) Successful in 24s
All checks were successful
Gosec Check / Gosec Check (push) Successful in 24s
This commit is contained in:
parent
f61b55a7dd
commit
85b8899056
GPG key ID:
E46B5FEA35B22FF9
2 changed files with 5 additions and 3 deletions
|
|
@ -14,7 +14,11 @@ RUN wget https://go.dev/dl/go1.23.1.linux-amd64.tar.gz && tar -xf go1.23.1.linux
|
|||
COPY --from=builder /app/build/goscan /goscan
|
||||
COPY ./entrypoint.sh /entrypoint.sh
|
||||
COPY --from=builder /app .
|
||||
|
||||
RUN chmod +x /goscan && chmod +x /entrypoint.sh
|
||||
|
||||
RUN curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin
|
||||
|
||||
USER nobody
|
||||
ENV PATH="/usr/local/go/bin:${PATH}"
|
||||
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
|
|
@ -1,6 +1,4 @@
|
|||
#!/bin/sh
|
||||
|
||||
curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin
|
||||
# gosec -r -no-fail -fmt sarif -out output.sarif "$PWD"
|
||||
/goscan --is-action
|
||||
cat output.sarif
|
||||
Loading…
Reference in a new issue