From 6f1bb8a7c9acd77dbe53f27662101c8bbca765bc Mon Sep 17 00:00:00 2001 From: Vitalis Salis Date: Fri, 4 Oct 2024 13:36:45 +0300 Subject: [PATCH] chore: Enable gosec (#13) --- .github/workflows/ci.yml | 9 +++++++-- .github/workflows/publish.yml | 9 +++++++-- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 68d40bd..8f19e47 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,14 +7,19 @@ on: jobs: lint_test: - uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.1.0 + uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.6.0 with: run-unit-tests: true run-integration-tests: true run-lint: true + run-build: true + run-gosec: true + gosec-args: "-exclude-generated ./..." docker_pipeline: - uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.1.0 + uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.6.0 secrets: inherit with: publish: false + dockerfile: ./Dockerfile + repoName: covenant-signer diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 1c4254b..5738e07 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -9,15 +9,20 @@ on: jobs: lint_test: - uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.1.0 + uses: babylonlabs-io/.github/.github/workflows/reusable_go_lint_test.yml@v0.6.0 with: run-unit-tests: true run-integration-tests: true run-lint: true + run-build: true + run-gosec: true + gosec-args: "-exclude-generated ./..." docker_pipeline: needs: ["lint_test"] - uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.1.0 + uses: babylonlabs-io/.github/.github/workflows/reusable_docker_pipeline.yml@v0.6.0 secrets: inherit with: publish: true + dockerfile: ./Dockerfile + repoName: covenant-signer