From b12fbf786c1e0f628e26af4c21311616f4a5cba7 Mon Sep 17 00:00:00 2001 From: "kedar.jamkhindikar@spectrocloud.com" <79581321+kedar-calsoftinc@users.noreply.github.com> Date: Wed, 18 Oct 2023 12:31:45 +0530 Subject: [PATCH] PCP-2008 : some changes related to path and security scan yaml removed --- .github/workflows/bulwark-gosec-pr-scan.yaml | 35 ------------------- .../workflows/golicense-pr-validation.yaml | 4 ++- .../workflows/govulncheck-pr-validation.yaml | 5 ++- 3 files changed, 7 insertions(+), 37 deletions(-) delete mode 100644 .github/workflows/bulwark-gosec-pr-scan.yaml diff --git a/.github/workflows/bulwark-gosec-pr-scan.yaml b/.github/workflows/bulwark-gosec-pr-scan.yaml deleted file mode 100644 index bbc50ca193..0000000000 --- a/.github/workflows/bulwark-gosec-pr-scan.yaml +++ /dev/null @@ -1,35 +0,0 @@ -name: BulwarkGoSec -on: [pull_request] - -concurrency: - group: gosec-${{ github.ref }} - cancel-in-progress: true - -jobs: - gosec-pr-scan: - runs-on: ubuntu-latest - container: - image: gcr.io/spectro-dev-public/bulwark/gosec:latest - steps: - - - name: run-gosec-scan - shell: sh - env: - BRANCH: ${{ github.head_ref || github.ref_name }} - GO111MODULE: on - run: | - /workspace/bulwark -name CodeSASTGoSec -verbose -target $REPO -tags "branch:$BRANCH,rules:all" - - - name: check-result - shell: sh - run: | - resultPath=$REPO-result.json - issues=$(cat $resultPath | jq -r '.Stats.found') - echo "Found ${issues} issues" - if [ "$issues" -gt 0 ]; then - echo "GoSec SAST scan failed with below findings..." - cat $resultPath - exit 1 - else - echo "GoSec SAST scan passed" - fi diff --git a/.github/workflows/golicense-pr-validation.yaml b/.github/workflows/golicense-pr-validation.yaml index 31ead2dac1..16a95d4dae 100644 --- a/.github/workflows/golicense-pr-validation.yaml +++ b/.github/workflows/golicense-pr-validation.yaml @@ -26,5 +26,7 @@ jobs: - name: golicense-scan run: | - go-licenses check --ignore github.com/spectrocloud ./../../ + go-licenses check --ignore github.com/spectrocloud go.mod + go-licenses check --ignore github.com/spectrocloud ./docs/triage-party + go-licenses check --ignore github.com/spectrocloud ./hack/tools # go-licenses check --ignore github.com/spectrocloud ./spate/xk6-spate \ No newline at end of file diff --git a/.github/workflows/govulncheck-pr-validation.yaml b/.github/workflows/govulncheck-pr-validation.yaml index 5680f875bd..f49b3b9b01 100644 --- a/.github/workflows/govulncheck-pr-validation.yaml +++ b/.github/workflows/govulncheck-pr-validation.yaml @@ -26,6 +26,9 @@ jobs: - name: govulncheck-scan run: | go version - govulncheck -mode source ./../../ + govulncheck -mode source go.mod + govulncheck -mode source ./docs/triage-party + govulncheck -mode source ./hack/tools +