Skip to content

govulncheck

govulncheck #47

Workflow file for this run

name: 'govulncheck'
on:
## Nightly
schedule:
- cron: '42 1 * * *'
pull_request:
workflow_dispatch:
permissions:
contents: read
jobs:
govulncheck:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
## Go version from build image is used in the govulncheck step
- name: 'Get go version from build image'
id: go_version
run: |
version=$(docker run ghcr.io/kanisterio/build go version | { read _ _ v _; echo ${v#go}; })
echo "go_version=$version" >> "$GITHUB_OUTPUT"
- id: govulncheck
name: 'Govulncheck'
uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4
continue-on-error: ${{ github.event_name == 'pull_request' }}
with:
repo-checkout: false
cache: false
go-version-input: ${{ steps.go_version.outputs.go_version }}