mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 02:50:30 +00:00
Add 'gosec' to the static-checks
Run static security scanning tool 'gosec' while testing. URL: https://github.com/securego/gosec Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
parent
dd668e59f1
commit
8f133e03b8
@ -22,6 +22,7 @@ go: 1.12.x
|
|||||||
env:
|
env:
|
||||||
global:
|
global:
|
||||||
- GOLANGCI_VERSION=v1.17.0
|
- GOLANGCI_VERSION=v1.17.0
|
||||||
|
- GOSEC_VERSION=2.0.0
|
||||||
- TEST_COVERAGE=stdout
|
- TEST_COVERAGE=stdout
|
||||||
- GO_METALINTER_THREADS=1
|
- GO_METALINTER_THREADS=1
|
||||||
- GO_COVER_DIR=_output
|
- GO_COVER_DIR=_output
|
||||||
@ -46,6 +47,10 @@ jobs:
|
|||||||
- curl -sf
|
- curl -sf
|
||||||
"https://install.goreleaser.com/github.com/golangci/golangci-lint.sh"
|
"https://install.goreleaser.com/github.com/golangci/golangci-lint.sh"
|
||||||
| bash -s -- -b $GOPATH/bin "${GOLANGCI_VERSION}"
|
| bash -s -- -b $GOPATH/bin "${GOLANGCI_VERSION}"
|
||||||
|
# install gosec
|
||||||
|
- curl -sfL
|
||||||
|
"https://raw.githubusercontent.com/securego/gosec/master/install.sh"
|
||||||
|
| sh -s -- -b $GOPATH/bin "${GOSEC_VERSION}"
|
||||||
# install helm for helm lint
|
# install helm for helm lint
|
||||||
- curl -L https://git.io/get_helm.sh | bash
|
- curl -L https://git.io/get_helm.sh | bash
|
||||||
script:
|
script:
|
||||||
|
1
Makefile
1
Makefile
@ -44,6 +44,7 @@ dep-check:
|
|||||||
static-check:
|
static-check:
|
||||||
./scripts/lint-go.sh
|
./scripts/lint-go.sh
|
||||||
./scripts/lint-text.sh --require-all
|
./scripts/lint-text.sh --require-all
|
||||||
|
./scripts/gosec.sh
|
||||||
|
|
||||||
func-test:
|
func-test:
|
||||||
go test github.com/ceph/ceph-csi/e2e $(TESTOPTIONS)
|
go test github.com/ceph/ceph-csi/e2e $(TESTOPTIONS)
|
||||||
|
9
scripts/gosec.sh
Executable file
9
scripts/gosec.sh
Executable file
@ -0,0 +1,9 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
if [[ -x "$(command -v gosec)" ]]; then
|
||||||
|
find cmd pkg -type d -print0 | xargs --null gosec
|
||||||
|
else
|
||||||
|
echo "WARNING: gosec not found, skipping security tests" >&2
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user