etcd/.github/workflows/govuln.yaml

---
name: Go Vulnerability Checker
on: [push, pull_request]
permissions: read-all
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
      - id: goversion
        run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT"
      - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
        with:
          go-version: ${{ steps.goversion.outputs.goversion }}
      - run: date
      - run: |
          set -euo pipefail

          go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...
ci: Introduce yamllint for actions workflow files Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com> 2023-05-26 11:34:23 +03:00			`---`
.github: add govuln check - add job for govuln job - allow to continue on failure, until all issues are addressed - address: https://github.com/etcd-io/etcd/issues/14449 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com> 2022-10-25 23:53:31 +03:00			`name: Go Vulnerability Checker`
			`on: [push, pull_request]`
Squashed commit of the following: commit 9a3bf2c0ed6e63c718789679745fdaa24a2c2ba9 Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 17:59:42 2022 +0000 fix: write permissions Signed-off-by: Joyce Brum <joycebrum@google.com> commit 7716f3c00cd7cfe4debbbf97662b1cee7277ba00 Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 17:04:19 2022 +0000 fix: typo on coverage workflow Signed-off-by: Joyce Brum <joycebrum@google.com> commit cb5165401392f1a2de3683ec33ffe97dc0f1fe9f Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 16:57:50 2022 +0000 feat: test coverage workflow with write permissions Signed-off-by: Joyce Brum <joycebrum@google.com> commit 235627f257d52139c9c73c2ca15c9ef7250cea2f Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 16:44:21 2022 +0000 fix: measure test read all and workflow dispatch Signed-off-by: Joyce Brum <joycebrum@google.com> commit 81b1581f19945ba5ddd7fa74661910a457af7515 Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 14:50:12 2022 +0000 feat: change from content read to read all Signed-off-by: Joyce Brum <joycebrum@google.com> commit 95bd39f615924a9c0186e6d3e1ad6c205c7db428 Author: Joyce Brum <joycebrum@google.com> Date: Tue Dec 6 14:45:45 2022 +0000 fix: add permission to write on e2e.yaml Signed-off-by: Joyce Brum <joycebrum@google.com> commit f86661da253af3908cde9f5f71311fbca6b26c81 Author: Joyce Brum <joycebrum@google.com> Date: Mon Dec 5 17:04:44 2022 +0000 feat: use read-only by default Signed-off-by: Joyce Brum <joycebrum@google.com> Signed-off-by: Joyce Brum <joycebrum@google.com> 2022-12-06 21:03:50 +03:00			`permissions: read-all`
.github: add govuln check - add job for govuln job - allow to continue on failure, until all issues are addressed - address: https://github.com/etcd-io/etcd/issues/14449 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com> 2022-10-25 23:53:31 +03:00			`jobs:`
			`test:`
			`runs-on: ubuntu-latest`
			`steps:`
build(deps): bump actions/checkout from 3.5.2 to 3.5.3 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e5e7e5ab8b370d6c329ec480221332ada57f0ab...c85c95e3d7251135ab7dc9ce3241c5835cc595a9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> 2023-06-12 20:59:49 +03:00			`- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3`
.github/workflows: Read .go-version as a step and not separate workflow Signed-off-by: Marek Siarkowicz <serathius@users.noreply.github.com> 2023-06-09 21:07:09 +03:00			`- id: goversion`
			`run: echo "goversion=$(cat .go-version)" >> "$GITHUB_OUTPUT"`
build(deps): bump actions/setup-go from 4.0.0 to 4.0.1 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4d34df0c2316fe8122ab82dc22947d607c0c91f9...fac708d6674e30b6ba41289acaab6d4b75aa0753) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> 2023-05-15 21:00:00 +03:00			`- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1`
.github: add govuln check - add job for govuln job - allow to continue on failure, until all issues are addressed - address: https://github.com/etcd-io/etcd/issues/14449 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com> 2022-10-25 23:53:31 +03:00			`with:`
.github/workflows: Read .go-version as a step and not separate workflow Signed-off-by: Marek Siarkowicz <serathius@users.noreply.github.com> 2023-06-09 21:07:09 +03:00			`go-version: ${{ steps.goversion.outputs.goversion }}`
.github: add govuln check - add job for govuln job - allow to continue on failure, until all issues are addressed - address: https://github.com/etcd-io/etcd/issues/14449 Signed-off-by: vivekpatani <9080894+vivekpatani@users.noreply.github.com> 2022-10-25 23:53:31 +03:00			`- run: date`
chore: introduce strict bash mode for scripts,.github REF: #15514 Signed-off-by: Wei Fu <fuweid89@gmail.com> 2023-03-21 16:18:17 +03:00			`- run: \|`
			`set -euo pipefail`

			`go install golang.org/x/vuln/cmd/govulncheck@latest && govulncheck ./...`