"Add Govulncheck Security Scan workflow"

A new GitHub Actions workflow for Govulncheck Security Scan has been added. This workflow gets activated on every push or pull request and includes runner hardening and executing 'govulncheck' to identify potential vulnerabilities.
Winni Neessen 2024-03-23 18:59:10 +01:00
parent 4aeeca5a82
commit 25ee875300
Signed by: wneessen
GPG key ID: 5F3AF39B820C119D

.github/workflows/govulncheck.yml vendored Normal file

@ -0,0 +1,21 @@
# SPDX-FileCopyrightText: 2022 Winni Neessen <winni@neessen.dev>
#
# SPDX-License-Identifier: CC0-1.0
name: Govulncheck Security Scan
on: [push, pull_request]
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Run govulncheck
uses: golang/govulncheck-action@v1