.github: add govuln check

- add job for govuln job - allow to continue on failure, until all issues are addressed - address: https://github.com/etcd-io/etcd/issues/14449 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com>
2024-09-27 06:25:44 +00:00 · 2022-10-25 13:53:31 -07:00
parent 9bc4a63a41
commit 5c0d653958
1 changed files with 26 additions and 0 deletions
--- a/.github/workflows/govuln.yaml
+++ b/.github/workflows/govuln.yaml
@@ -0,0 +1,26 @@
+name: Go Vulnerability Checker
+on: [push, pull_request]
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        target:
+          - linux-amd64-govuln-check
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "1.19.2"
+      - run: date
+      - env:
+          TARGET: ${{ matrix.target }}
+        run: |
+          echo "${TARGET}"
+          case "${TARGET}" in
+            linux-amd64-govuln-check)
+              go install golang.org/x/vuln/cmd/govulncheck@latest
+              govulncheck ./...
+              ;;
+          esac