parent
022612414d
commit
8c76e44d10
6 changed files with 25 additions and 11 deletions
|
@ -13,8 +13,7 @@ jobs:
|
|||
uses: actions/checkout@v4
|
||||
- uses: actions/setup-go@v5
|
||||
with:
|
||||
go-version: '1.21'
|
||||
- run: go mod download && go install github.com/a-h/templ/cmd/templ@latest
|
||||
- run: templ generate
|
||||
go-version: '1.22'
|
||||
- run: go mod download
|
||||
- name: Run Gosec Security Scanner
|
||||
uses: actions/goscan@main
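Review bot: The scanner step still runs `uses: actions/goscan@main`, a branch ref that can move between runs, so the job executes whatever the branch tip holds at run time against the checked-out repository. Pinning it to a full commit, `uses: actions/goscan@<full-commit-sha>`, makes the executed code reviewable and reproducible. `actions/checkout@v4` and `actions/setup-go@v5` are movable tags with the same property. The job definition starts above this hunk, so its permissions are not visible here.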
|
|
@ -8,7 +8,7 @@ RUN CGO_ENABLED=0 go build -ldflags="-s -w" -trimpath -o build/goscan
|
|||
|
||||
FROM alpine:3.20
|
||||
|
||||
RUN apk --no-cache update && apk --no-cache upgrade && apk --no-cache add curl
|
||||
RUN apk --no-cache update && apk --no-cache upgrade && apk add curl
|
||||
|
||||
COPY --from=builder /app/build/goscan /goscan
|
||||
COPY ./entrypoint.sh /entrypoint.sh
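Review bot: The rewritten `RUN` line appears to drop `--no-cache` only from the final `apk add curl`, while `update` and `upgrade` keep it. Without a persisted index, `apk add` may fail to resolve `curl`, and where it does succeed it leaves the package index in the image layer. `RUN apk --no-cache upgrade && apk --no-cache add curl` keeps the layer clean and needs no separate `update`. As far as this page shows, curl is present only to fetch the gosec installer at container start, so installing a pinned gosec in the builder stage and copying it in would let the runtime image omit curl.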
|
||||
|
|
21
cmd/root.go
21
cmd/root.go
|
@ -7,8 +7,8 @@ package cmd
|
|||
import (
|
||||
"codeberg.org/mvdkleijn/forgejo-sdk/forgejo"
|
||||
"fmt"
|
||||
"git.eggactyl.cloud/Eggactyl/shell/linux"
|
||||
"github.com/go-git/go-git/v5"
|
||||
"github.com/kr/pretty"
|
||||
"github.com/nao1215/markdown"
|
||||
"github.com/owenrumney/go-sarif/sarif"
|
||||
"github.com/sethvargo/go-githubactions"
|
||||
|
@ -36,8 +36,6 @@ var rootCmd = &cobra.Command{
|
|||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
pretty.Logln(cwd)
|
||||
|
||||
repo, err := git.PlainOpen(cwd)
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
|
@ -48,8 +46,21 @@ var rootCmd = &cobra.Command{
|
|||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
pretty.Logln(ref.Name().Short())
|
||||
pretty.Logln(ref.Hash().String())
|
||||
gosecCmd, err := linux.NewCommand(linux.CommandOptions{
|
||||
Cwd: cwd,
|
||||
Shell: "/bin/sh",
|
||||
Command: "gosec",
|
||||
Args: []string{
|
||||
"-r", "-no-fail", "-fmt", "sarif", "-out", "output.sarif", "./...",
|
||||
},
|
||||
})
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
if err := gosecCmd.Run(); err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
report, err := sarif.Open("output.sarif")
|
||||
if err != nil {
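Review bot: The new gosec invocation writes its report to the fixed relative name `output.sarif` with `Cwd: cwd`, which puts it inside the checkout being scanned, and `sarif.Open("output.sarif")` then reads that same path. A repository that already contains a file or symlink of that name could be overwritten or written through; creating the report outside the work tree, for example `f, err := os.CreateTemp("", "gosec-*.sarif")` and passing `f.Name()` to both `-out` and `sarif.Open`, avoids that. The argument list is constant, so routing it through `Shell: "/bin/sh"` seems unnecessary; if `linux.NewCommand` joins the arguments into a shell string, any later non-constant argument would need quoting. A short comment above the call noting that `-no-fail` makes gosec exit zero even when it reports findings would help the next reader. The enclosing function in `rootCmd` begins and ends outside these hunks.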
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/bin/sh
|
||||
|
||||
curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b /usr/local/bin
|
||||
gosec -r -no-fail -fmt sarif -out output.sarif "$PWD"
|
||||
# gosec -r -no-fail -fmt sarif -out output.sarif "$PWD"
|
||||
/goscan --is-action
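Review bot: With the direct gosec call commented out, `/goscan` now depends on the `curl ... | sh` line above it, which fetches `install.sh` from the `master` branch and installs an unpinned gosec at every container start. Passing a release tag to the installer (`... | sh -s -- -b /usr/local/bin <pinned-version>`) or, better, installing a pinned and checksum-verified gosec in the Dockerfile takes the network fetch and the unreviewed script out of the run path. Because the pipeline's exit status is that of `sh`, a failed download is not detected here and surfaces only when `/goscan` tries to run gosec. The commented-out line can be deleted rather than kept.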
|
3
go.mod
3
go.mod
|
@ -13,6 +13,7 @@ require (
|
|||
require (
|
||||
codeberg.org/mvdkleijn/forgejo-sdk/forgejo v1.1.1 // indirect
|
||||
dario.cat/mergo v1.0.0 // indirect
|
||||
git.eggactyl.cloud/Eggactyl/shell v0.0.0-20240824225129-2ced31effd66 // indirect
|
||||
github.com/Microsoft/go-winio v0.6.1 // indirect
|
||||
github.com/ProtonMail/go-crypto v1.0.0 // indirect
|
||||
github.com/cloudflare/circl v1.3.7 // indirect
|
||||
|
@ -58,7 +59,7 @@ require (
|
|||
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
|
||||
golang.org/x/mod v0.12.0 // indirect
|
||||
golang.org/x/net v0.23.0 // indirect
|
||||
golang.org/x/sys v0.19.0 // indirect
|
||||
golang.org/x/sys v0.22.0 // indirect
|
||||
golang.org/x/text v0.14.0 // indirect
|
||||
golang.org/x/tools v0.13.0 // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
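Review bot: `git.eggactyl.cloud/Eggactyl/shell` is listed in the `// indirect` block, but cmd/root.go in this commit imports `git.eggactyl.cloud/Eggactyl/shell/linux` directly. Running `go mod tidy` should move it to the direct `require` block, so the dependency is visible to reviewers and dependency tooling. It is also pinned to an untagged pseudo-version on a self-hosted host, so it is worth confirming that this is the intended commit and that the module will stay resolvable for CI builds.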
|
||||
|
|
3
go.sum
3
go.sum
|
@ -2,6 +2,8 @@ codeberg.org/mvdkleijn/forgejo-sdk/forgejo v1.1.1 h1:WEI3FZdoQjaiaR15TRmyGfY091R
|
|||
codeberg.org/mvdkleijn/forgejo-sdk/forgejo v1.1.1/go.mod h1:09wAYX9H0+wBo1baX9DdSqdfreZc6ji5aELsnu9m14M=
|
||||
dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk=
|
||||
dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
|
||||
git.eggactyl.cloud/Eggactyl/shell v0.0.0-20240824225129-2ced31effd66 h1:nKQ5M7/Ugn536WbH07f6NZGKy+4z04i7KoAwUU8Ibaw=
|
||||
git.eggactyl.cloud/Eggactyl/shell v0.0.0-20240824225129-2ced31effd66/go.mod h1:/QCc50YmA6jiIzIafuDiRJXhZyNu0wKLlgeUMPv5S68=
|
||||
github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
|
||||
github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
|
||||
github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
|
||||
|
@ -180,6 +182,7 @@ golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
|||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
|
||||
golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
|
||||
|
|