From cbf88cf04bd994c19bcb072fcfe3cfda7a82faf2 Mon Sep 17 00:00:00 2001
From: atilsensalduz
Date: Tue, 25 Feb 2025 10:01:33 +0300
Subject: [PATCH 1/3] feat: add govulncheck to run security scan workflow

This commit introduces a new GitHub Actions workflow to run 'govulncheck' for security scanning of Go modules. The workflow will automatically scan for known vulnerabilities and enhance the security posture of the repository.
References:
- Go Vulnerability Management: https://go.dev/blog/vuln
- Related Issue: https://github.com/termkit/gama/issues/22
Signed-off-by: atilsensalduz
---
 .github/workflows/govulncheck.yml | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 .github/workflows/govulncheck.yml

diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml
new file mode 100644
index 0000000..72e9e67
--- /dev/null
+++ b/.github/workflows/govulncheck.yml
@@ -0,0 +1,8 @@
+name: Run govulncheck
+on: [push]
+jobs:
+ govulncheck:
+ runs-on: ubuntu-latest
+ steps:
+ - id: govulncheck
+ uses: golang/govulncheck-action@v1
\ No newline at end of file
From 631f4fcf5eee4b29dd7905e9e2478d44f55818de Mon Sep 17 00:00:00 2001
From: atilsensalduz
Date: Wed, 26 Feb 2025 09:45:45 +0300
Subject: [PATCH 2/3] feat: add gosec to run static code analysis workflow

This commit introduces a new GitHub Actions workflow to run 'gosec' for static code analysis of Go modules. The workflow will automatically scan the source code for potential security issues and improve the security posture of the repository.
References:
- Gosec Documentation: https://github.com/securego/gosec
- Related Issue: https://github.com/termkit/gama/issues/22
Signed-off-by: atilsensalduz
---
 .github/workflows/gosec.yaml | 20 +++++++++++++++++++
 .../{govulncheck.yml => govulncheck.yaml} | 2 +-
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/gosec.yaml
 rename .github/workflows/{govulncheck.yml => govulncheck.yaml} (72%)
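Review bot: `.github/workflows/govulncheck.yml` (patch 1/3) sets no `permissions:` key, so the job's GITHUB_TOKEN gets whatever default scope the repository or organisation has configured, which may include write access. A scanner only reads the source, so add a top-level `permissions:` mapping with `contents: read`; the same gap is in `.github/workflows/gosec.yaml` from patch 2/3. The trigger `on: [push]` also runs the scan only when someone pushes to this repository: pull requests from forks are not covered, and advisories published later against unchanged dependencies go unnoticed until the next push. Consider adding `pull_request:` and a `schedule:` entry alongside `push`.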
diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml
new file mode 100644
index 0000000..9548961
--- /dev/null
+++ b/.github/workflows/gosec.yaml
@@ -0,0 +1,20 @@
+name: Run Gosec
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+jobs:
+ tests:
+ runs-on: ubuntu-latest
+ env:
+ GO111MODULE: on
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v4
+ - name: Run Gosec Security Scanner
+ uses: securego/gosec@master
+ with:
+ args: ./...
\ No newline at end of file
diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yaml
similarity index 72%
rename from .github/workflows/govulncheck.yml
rename to .github/workflows/govulncheck.yaml
index 72e9e67..b398390 100644
--- a/.github/workflows/govulncheck.yml
+++ b/.github/workflows/govulncheck.yaml
@@ -5,4 +5,4 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - id: govulncheck
- uses: golang/govulncheck-action@v1
\ No newline at end of file
+ uses: golang/govulncheck-action@v1
From 05054b6e0f36a371b7bb8a0d94b6424858f8d39a Mon Sep 17 00:00:00 2001
From: atilsensalduz
Date: Wed, 26 Feb 2025 09:50:19 +0300
Subject: [PATCH 3/3] feat: add gosec to run static code analysis workflow

This commit introduces a new GitHub Actions workflow to run 'gosec' for static code analysis of Go modules. The workflow will automatically scan the source code for potential security issues and improve the security posture of the repository.
References:
- Gosec Documentation: https://github.com/securego/gosec
- Related Issue: https://github.com/termkit/gama/issues/22
Signed-off-by: atilsensalduz
---
 .github/workflows/gosec.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gosec.yaml b/.github/workflows/gosec.yaml
index 9548961..b8cce46 100644
--- a/.github/workflows/gosec.yaml
+++ b/.github/workflows/gosec.yaml
@@ -7,7 +7,7 @@ on:
 branches:
 - main
 jobs:
- tests:
+ gosec:
 runs-on: ubuntu-latest
 env:
 GO111MODULE: on
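Review bot: `uses: securego/gosec@master` in `.github/workflows/gosec.yaml` (patch 2/3) tracks a moving branch of a third-party action, so whatever lands on that branch next runs in this repository's CI with the job's token and the checked-out source. Pin it to a reviewed full commit SHA and keep the release in a trailing comment, e.g. `uses: securego/gosec@<full-commit-sha> # <release-tag>`, and let an update bot propose bumps. Patch 3/3 renames the job but leaves this ref unchanged. As a smaller style point, `GO111MODULE: on` is a plain scalar that YAML 1.1 parsers read as a boolean; `GO111MODULE: "on"` makes the intended string explicit.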