govulncheck-action

command module
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 10, 2022 License: Apache-2.0 Imports: 6 Imported by: 0

README

Golang Vulncheck

Performs vulnerability scan using govulncheck and afterwards uploads it as Sarif Report to Github

Build

Usage

Describe how to use your action here.

Example Workflow

Please be aware that this workflow highlights all available inputs. But all inputs come with a default value. Hence it is not required to provide any values.

name: My Workflow
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Running govulncheck
        uses: Templum/govulncheck-action@<version>
        with:
          package: ./...
          version: v0.0.0-20220908210932-64dbbd7bba4f
          github-token: ${{ secrets.GITHUB_TOKEN }}
Inputs
Input Description
package (optional) The package you want to scan, by default will be ./...
version (optional) Version of govulncheck that should be used, by default it will be latest
github-token (optional) Github Token to upload sarif report. Needs write permissions for security_events

Please be aware if the token is not specified it uses github.token for more details on that check those docs

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis
pkg

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL