From 1d39b1d214e39921815eae056693f56f9392c674 Mon Sep 17 00:00:00 2001 From: Julian Haseleu Date: Thu, 9 Oct 2025 14:12:41 +0000 Subject: [PATCH] add goSec, go-lint, update actions --- .gitea/workflows/main.yaml | 16 ++++++++++++---- .gitea/workflows/pr.yaml | 14 +++++++++++--- .gitea/workflows/release.yaml | 16 ++++++++++++---- 3 files changed, 35 insertions(+), 11 deletions(-) diff --git a/.gitea/workflows/main.yaml b/.gitea/workflows/main.yaml index f5d393d..9fdfba7 100644 --- a/.gitea/workflows/main.yaml +++ b/.gitea/workflows/main.yaml @@ -10,13 +10,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: '1.24.x' + - name: golangci-lint + uses: golangci/golangci-lint-action@v8 + with: + version: v2.1 - name: Test with the Go CLI - run: go test ./... + run: go test ./... -v + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... Build_Image: runs-on: ubuntu-latest steps: @@ -46,4 +54,4 @@ jobs: # - name: Sign the published Docker image # env: # COSIGN_EXPERIMENTAL: "true" - # run: cosign sign lerentis/canada-kaktus:${{ github.sha }}@${{ steps.build-and-push.outputs.digest }} \ No newline at end of file + # run: cosign sign lerentis/canada-kaktus:${{ github.sha }}@${{ steps.build-and-push.outputs.digest }} diff --git a/.gitea/workflows/pr.yaml b/.gitea/workflows/pr.yaml index 33c0273..773697a 100644 --- a/.gitea/workflows/pr.yaml +++ b/.gitea/workflows/pr.yaml @@ -7,13 +7,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: '1.24.x' + - name: golangci-lint + uses: golangci/golangci-lint-action@v8 + with: + version: v2.1 - name: Test with the Go CLI - run: go test ./... + run: go test ./... -v + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... Build_Image: runs-on: ubuntu-latest steps: diff --git a/.gitea/workflows/release.yaml b/.gitea/workflows/release.yaml index 44c7647..9979912 100644 --- a/.gitea/workflows/release.yaml +++ b/.gitea/workflows/release.yaml @@ -7,13 +7,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: '1.24.x' + - name: golangci-lint + uses: golangci/golangci-lint-action@v8 + with: + version: v2.1 - name: Test with the Go CLI - run: go test ./... + run: go test ./... -v + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: ./... Build_Image: runs-on: ubuntu-latest steps: @@ -43,4 +51,4 @@ jobs: # - name: Sign the published Docker image # env: # COSIGN_EXPERIMENTAL: "true" - # run: cosign sign lerentis/canada-kaktus:${{ github.event.release.tag_name }}@${{ steps.build-and-push.outputs.digest }} \ No newline at end of file + # run: cosign sign lerentis/canada-kaktus:${{ github.event.release.tag_name }}@${{ steps.build-and-push.outputs.digest }}