Spaces:
Configuration error
Configuration error
name: "Security Scan" | |
# Run workflow each time code is pushed to your repository and on a schedule. | |
# The scheduled workflow runs every at 00:00 on Sunday UTC time. | |
on: | |
push: | |
schedule: | |
- cron: '0 0 * * 0' | |
jobs: | |
tests: | |
runs-on: ubuntu-latest | |
env: | |
GO111MODULE: on | |
steps: | |
- name: Checkout Source | |
uses: actions/checkout@v4 | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
- name: Run Gosec Security Scanner | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
uses: securego/gosec@v2.21.4 | |
with: | |
# we let the report trigger content trigger a failure using the GitHub Security features. | |
args: '-no-fail -fmt sarif -out results.sarif ./...' | |
- name: Upload SARIF file | |
if: ${{ github.actor != 'dependabot[bot]' }} | |
uses: github/codeql-action/upload-sarif@v3 | |
with: | |
# Path to SARIF file relative to the root of the repository | |
sarif_file: results.sarif | |