-
Notifications
You must be signed in to change notification settings - Fork 0
41 lines (35 loc) · 1.11 KB
/
nancy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
name: Nancy Scan
on:
workflow_call:
inputs:
dir:
required: false
type: string
secrets:
ORG_GH_TOKEN:
required: false
jobs:
nancy_scan:
name: Sonatype Nexus
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v3
- name: Set up Go 1.x in order to write go.list file
uses: actions/setup-go@v3
with:
go-version: 1.17
- name: Configure git access for Tyk's private Go modules
env:
GITHUB_PAT: ${{ secrets.ORG_GH_TOKEN }}
run: |
echo "https://$GITHUB_PAT:[email protected]" >> ~/.git-credentials
git config --global credential.helper store
git config --global url."https://$GITHUB_PAT:[email protected]".insteadOf "https://github.com"
- name: Write Go List
run: go list -json -m all > go.list
working-directory: ./${{ inputs.dir }}
- name: Nancy scan
uses: sonatype-nexus-community/nancy-github-action@main
with:
goListFile: ${{ inputs.dir }}/go.list