laconicd-deprecated/.gitea/workflows/security.yml

name: Run Gosec
on:
  pull_request:
  push:
    branches:
      - main

jobs:
  Gosec:
    permissions:
      security-events: write

    runs-on: ubuntu-latest
    env:
      GO111MODULE: on
      # To amke upload-sarif happy
      GITHUB_RUN_ATTEMPT: 1
    steps:
      - name: Checkout Source
        uses: actions/checkout@v3
      - name: Run Gosec Security Scanner
        uses: cosmos/gosec@master
        with:
          # we let the report trigger content trigger a failure using the GitHub Security features.
          args: '-no-fail -fmt sarif -out results.sarif -exclude=G701,G703 ./...'
      - name: Upload SARIF file
        uses: github/codeql-action/upload-sarif@v2
        with:
          # Path to SARIF file relative to the root of the repository
          sarif_file: results.sarif
.gitea instead 2024-01-22 22:57:21 +00:00			`name: Run Gosec`
			`on:`
			`pull_request:`
			`push:`
			`branches:`
			`- main`

			`jobs:`
			`Gosec:`
			`permissions:`
			`security-events: write`

			`runs-on: ubuntu-latest`
			`env:`
			`GO111MODULE: on`
More tweaks 2024-01-22 23:09:42 +00:00			`# To amke upload-sarif happy`
			`GITHUB_RUN_ATTEMPT: 1`
.gitea instead 2024-01-22 22:57:21 +00:00			`steps:`
			`- name: Checkout Source`
			`uses: actions/checkout@v3`
			`- name: Run Gosec Security Scanner`
			`uses: cosmos/gosec@master`
			`with:`
			`# we let the report trigger content trigger a failure using the GitHub Security features.`
			`args: '-no-fail -fmt sarif -out results.sarif -exclude=G701,G703 ./...'`
			`- name: Upload SARIF file`
			`uses: github/codeql-action/upload-sarif@v2`
			`with:`
			`# Path to SARIF file relative to the root of the repository`
			`sarif_file: results.sarif`