From 75dd030425d63e81524f892beb7da0f43fa4d13c Mon Sep 17 00:00:00 2001 From: "nikita.smirnov" Date: Wed, 22 Jan 2025 16:30:10 +0400 Subject: [PATCH] Added vulnerability-check, dependabot workflows --- .github/dependabot.yml | 20 +++++++++++++++++ .github/workflows/check.yml | 17 ++++++-------- .github/workflows/vulnerability-check.yml | 27 +++++++++++++++++++++++ 3 files changed, 54 insertions(+), 10 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/vulnerability-check.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..ef90223 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,20 @@ +version: 2 +updates: + - package-ecosystem: gomod + directory: / + reviewers: + - Nikita-Smirnov-Exactpro + - OptimumCode + labels: + - dependencies + schedule: + interval: daily + - package-ecosystem: github-actions + directory: / + reviewers: + - Nikita-Smirnov-Exactpro + - OptimumCode + labels: + - dependencies + schedule: + interval: daily \ No newline at end of file diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index b43790c..49d6b80 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -6,17 +6,14 @@ jobs: check: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: - go-version: 1.19 - - - name: Install protoc - run: sudo apt-get update && sudo apt-get install -y protobuf-compiler && protoc --version - - - name: Build sources - run: make build + go-version-file: go.mod + - name: Check sources - run: make run-test \ No newline at end of file + run: make run-test + - name: Build sources + run: make build \ No newline at end of file diff --git a/.github/workflows/vulnerability-check.yml b/.github/workflows/vulnerability-check.yml new file mode 100644 index 0000000..ff0818e --- /dev/null 
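Review bot: In `.github/workflows/check.yml` the bumped `uses:` lines still reference actions by mutable major tag (`actions/checkout@v4`, `actions/setup-go@v5`), so the job runs whatever commit the tag points at when it starts. This commit also enables the `github-actions` Dependabot ecosystem, which keeps SHA pins current, so pinning to a full commit SHA with the version as a trailing comment costs little, e.g. `uses: actions/checkout@<full-commit-sha> # v4`. The hunk also drops the `Install protoc` step; if `make build` still invokes protoc (the Makefile is not visible here), the build will fail on a clean runner. The top of the workflow lies outside the hunk, so I cannot tell whether a `permissions:` block restricts the token; if there is none, `permissions: { contents: read }` should be enough for this job.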
+++ b/.github/workflows/vulnerability-check.yml
@@ -0,0 +1,27 @@
+name: Check repository for vulnerabilities
+
+on: [push, workflow_dispatch]
+
+jobs:
+ vulnerabilities:
+ env:
+ report-file: report.txt
+ name: Check vulnerabilities
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v4
+ - name: Set up Go
+ uses: actions/setup-go@v5
+ with:
+ go-version: 'stable'
+ - name: Install govulncheck
+ run: go install golang.org/x/vuln/cmd/govulncheck@latest
+ - name: Run check
+ run: govulncheck -show verbose ./... 2>&1 | tee ${{ env.report-file }}
+ - name: Collect report
+ if: always()
+ uses: actions/upload-artifact@v4
+ with:
+ name: 'govulncheck-report'
+ path: ${{ env.report-file }}
+ overwrite: true
\ No newline at end of file
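Review bot: The `Run check` step pipes govulncheck into `tee`, and a `run:` step with no `shell:` key executes under `bash -e {0}` without `pipefail`, so the step takes `tee`'s exit status and the job stays green even when govulncheck reports findings. Adding `shell: bash` to that step (GitHub then runs it with `-eo pipefail`), or starting the command with `set -o pipefail;`, lets the non-zero exit fail the job while the `if: always()` step still uploads the report. The file declares no `permissions:` block; this job only reads the repository, so a top-level `permissions: { contents: read }` keeps the token to what it needs. With `on: [push, workflow_dispatch]` the scan runs only when someone pushes, so advisories published later go unnoticed on a quiet branch; a `schedule:` trigger would cover that gap. `govulncheck@latest` is also unpinned, so two runs of the same commit can use different scanner builds; pinning a released version is worth considering.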