From 9553b277e96dae13caa044861531355d14237f42 Mon Sep 17 00:00:00 2001 From: Manuel Alejandro de Brito Fontes Date: Fri, 4 Dec 2020 09:03:26 -0300 Subject: [PATCH] Add gosec action --- .github/workflows/ci.yaml | 22 +++++++++++++++++----- .github/workflows/docs.yaml | 4 ++-- .github/workflows/helm.yaml | 4 ++-- .github/workflows/release.txt | 2 +- 4 files changed, 22 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0de5cdba5..f9bb92c1e 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - uses: dorny/paths-filter@v2.2.0 id: filter @@ -38,6 +38,18 @@ jobs: - 'charts/ingress-nginx/Chart.yaml' - 'charts/ingress-nginx/**/*' + security: + runs-on: ubuntu-latest + steps: + + - name: Checkout + uses: actions/checkout@v2 + + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: -exclude=G104,G304 -exclude-dir=test ./... + build: name: Build runs-on: ubuntu-latest @@ -48,11 +60,11 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: Set up Go 1.15 id: go - uses: actions/setup-go@v1 + uses: actions/setup-go@v2 with: go-version: 1.15 @@ -107,7 +119,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: Lint run: | @@ -149,7 +161,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: cache uses: actions/download-artifact@v2 diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 4d90d6b64..4cac748d8 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - uses: dorny/paths-filter@v2.2.0 id: filter @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout master - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: Deploy uses: ./.github/actions/mkdocs diff --git a/.github/workflows/helm.yaml b/.github/workflows/helm.yaml index 4a9bdad42..384f7ea50 100644 --- a/.github/workflows/helm.yaml +++ b/.github/workflows/helm.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v1 + uses: actions/checkout@v2 - uses: dorny/paths-filter@v2.2.0 id: filter @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout master - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: Setup shell: bash diff --git a/.github/workflows/release.txt b/.github/workflows/release.txt index bcca7072f..18039311e 100644 --- a/.github/workflows/release.txt +++ b/.github/workflows/release.txt @@ -10,7 +10,7 @@ jobs: if: github.actor == 'aledbf' steps: - name: Checkout master - uses: actions/checkout@v1 + uses: actions/checkout@v2 - name: Set up Go 1.14 uses: actions/setup-go@master