From 40edc7ffdf7db232066ef23c2240f95fc8ed23c0 Mon Sep 17 00:00:00 2001
From: Vitalis Salis <vitsalis@babylonlabs.io>
Date: Fri, 4 Oct 2024 13:18:26 +0300
Subject: [PATCH] chore: Enable gosec

---
 .github/workflows/ci.yml      | 5 ++++-
 .github/workflows/publish.yml | 9 +++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 68d40bd..1976256 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -7,11 +7,14 @@ on:
 
 jobs:
   lint_test:
-    uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.1.0
+    uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.6.0
     with:
      run-unit-tests: true
      run-integration-tests: true
      run-lint: true
+     run-build: true
+     run-gosec: true
+     gosec-args: "-exclude-generated ./..."
 
   docker_pipeline:
     uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.1.0
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 1c4254b..5738e07 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -9,15 +9,20 @@ on:
 
 jobs:
   lint_test:
-    uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.1.0
+    uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.6.0
     with:
      run-unit-tests: true
      run-integration-tests: true
      run-lint: true
+     run-build: true
+     run-gosec: true
+     gosec-args: "-exclude-generated ./..."
 
   docker_pipeline:
     needs: ["lint_test"]
-    uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.1.0
+    uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.6.0
     secrets: inherit
     with:
      publish: true
+     dockerfile: ./Dockerfile
+     repoName: covenant-signer