diff options
| author | Dave Henderson <dhenderson@gmail.com> | 2022-02-15 07:44:48 -0500 |
|---|---|---|
| committer | Dave Henderson <dhenderson@gmail.com> | 2022-03-22 09:23:40 -0400 |
| commit | 599121067b25f64c3be687eae54ed2bfb9cca819 (patch) | |
| tree | fd2d943f7ca1274c3b4606b04496f3f4542c9c8a /.github | |
| parent | 1a084d95b7567f7e2da33e61c3e4168f656a22b5 (diff) | |
Various updates for Go 1.18
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/build.yml | 9 | ||||
| -rw-r--r-- | .github/workflows/image-scan.yml | 20 |
2 files changed, 16 insertions, 13 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 091094f8..8ca1af1e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,7 +17,6 @@ jobs: - run: make build env: GOPATH: ${{ runner.workspace }} - ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH: go1.18rc1 - name: Save binary uses: actions/upload-artifact@v3 with: @@ -37,21 +36,17 @@ jobs: env: CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }} GOPATH: ${{ runner.workspace }} - ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH: go1.18rc1 - run: make integration env: GOPATH: ${{ runner.workspace }} - ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH: go1.18rc1 windows-build: runs-on: windows-latest env: TMP: D:\tmp - ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH: go1.18rc1 steps: - uses: actions/setup-go@v2 with: - stable: 'false' - go-version: '1.18.0-rc1' + go-version: '1.18' - run: | git config --global user.email "bogus@example.com" git config --global user.name "Someone" @@ -81,5 +76,3 @@ jobs: with: path: ./src/github.com/${{ github.repository }} - run: make ci-lint - env: - ASSUME_NO_MOVING_GC_UNSAFE_RISK_IT_WITH: go1.18rc1 diff --git a/.github/workflows/image-scan.yml b/.github/workflows/image-scan.yml index 991fb503..7e2654e1 100644 --- a/.github/workflows/image-scan.yml +++ b/.github/workflows/image-scan.yml @@ -16,15 +16,25 @@ jobs: - name: Quick build (linux/alpine only) run: | docker build --target gomplate-alpine -t gomplate . - - name: Scan with Trivy + - name: Run Trivy vulnerability scanner (table output) uses: aquasecurity/trivy-action@master with: - image-ref: 'gomplate' - format: 'template' - template: '@/contrib/sarif.tpl' - output: 'trivy-results.sarif' + image-ref: gomplate + format: table exit-code: 1 ignore-unfixed: true + vuln-type: os,library + severity: CRITICAL,HIGH + - name: Run Trivy vulnerability scanner + uses: aquasecurity/trivy-action@master + with: + image-ref: gomplate + format: sarif + output: trivy-results.sarif + exit-code: 1 + ignore-unfixed: true + vuln-type: os,library + severity: CRITICAL,HIGH - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v1 with: |