Add gosec version as an input parameter to GitHub action (#927)

* Add gosec version as a paramter to the Github action

* Run gosec as a github action as part of CI
This commit is contained in:
Cosmin Cojocar 2023-02-08 10:40:36 +01:00 committed by GitHub
parent 2d6b0a5b0f
commit d22a7b6ede
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 2 deletions

View file

@ -30,7 +30,12 @@ jobs:
- name: lint - name: lint
uses: golangci/golangci-lint-action@v3 uses: golangci/golangci-lint-action@v3
with: with:
version: ${{ matrix.version.golangci }} version: ${{ matrix.version.golangci }}
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
version: '2.15.0'
args: ./...
- name: Run Tests - name: Run Tests
run: make test run: make test
coverage: coverage:

View file

@ -72,6 +72,7 @@ jobs:
- name: Run Gosec Security Scanner - name: Run Gosec Security Scanner
uses: securego/gosec@master uses: securego/gosec@master
with: with:
version: 'latest'
args: ./... args: ./...
``` ```

View file

@ -3,6 +3,10 @@ description: 'Runs the gosec security checker'
author: '@ccojocar' author: '@ccojocar'
inputs: inputs:
version:
description: 'Version of gosec to use (e.g. 2.15.0)'
required: false
default: 'latest'
args: args:
description: 'Arguments for gosec' description: 'Arguments for gosec'
required: true required: true
@ -10,7 +14,7 @@ inputs:
runs: runs:
using: 'docker' using: 'docker'
image: 'docker://securego/gosec' image: 'docker://securego/gosec:${{inputs.version}}'
args: args:
- ${{ inputs.args }} - ${{ inputs.args }}