ci: add gosec for golang security scanning

Adding gosec security scanning as a CI job to run on each PR to ensure we are good with security problems. More details at https://github.com/securego/gosec Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2024-11-09 16:00:22 +00:00 · 2024-03-01 10:46:33 +01:00 · 2024-03-01 10:46:33 +01:00 · c821aea531
commit c821aea531
parent 328e4e5a0f
1 changed files with 19 additions and 0 deletions
--- a/.github/workflows/gosec.yaml
+++ b/.github/workflows/gosec.yaml
@ -0,0 +1,19 @@
+---
+name: Run Gosec
+# yamllint disable-line rule:truthy
+on:
+  pull_request:
+    branches:
+      - devel
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@master
+        with:
+          args: ./...