ci: add gosec for golang security scanning

Adding gosec security scanning as a CI job
to run on each PR to ensure we are good with
security problems.

More details at https://github.com/securego/gosec

Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
This commit is contained in:
Madhu Rajanna 2024-03-01 10:46:33 +01:00
parent 328e4e5a0f
commit c821aea531

19
.github/workflows/gosec.yaml vendored Normal file
View File

@ -0,0 +1,19 @@
---
name: Run Gosec
# yamllint disable-line rule:truthy
on:
pull_request:
branches:
- devel
jobs:
tests:
runs-on: ubuntu-latest
env:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...