Skip to content

Commit

Permalink
Stricter dependency/security review
Browse files Browse the repository at this point in the history 
Signed-off-by: Davanum Srinivas <[email protected]>
  • Loading branch information
@dims
dims committed Oct 14, 2023
1 parent f42a62f commit 704ea5c
Showing 1 changed file with 36 additions and 0 deletions.
36 changes: 36 additions & 0 deletions .github/workflows/deps.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: "Dependency Review"
on: [push, pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: "Checkout Repository"
uses: actions/checkout@v4
with:
show-progress: false
- name: "Dependency Review"
uses: actions/dependency-review-action@v3
govulncheck:
runs-on: ubuntu-latest
steps:
- name: "Checkout Repository"
uses: actions/checkout@v4
with:
show-progress: false
- id: govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-input: 1.21.3
go-version-file: go.mod
- id: govulncheck-tests-integration
uses: golang/govulncheck-action@v1
with:
go-version-input: 1.21.3
go-version-file: tests/integration/go.mod
- id: govulncheck-tests-e2e
uses: golang/govulncheck-action@v1
with:
go-version-input: 1.21.3
go-version-file: tests/e2e/go.mod

0 comments on commit 704ea5c

Please sign in to comment.