Bump actions/upload-artifact from 4.0.0 to 4.1.0 #497

Workflow file for this run

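# Static security analysis for the Go code in this repository: one job runs
# CodeQL, the other runs Gosec and uploads its SARIF report to code scanning.
name: 'Code security analysis'
on:
  # NOTE(review): in GitHub Actions filter patterns '*' does not match '/',
  # so refs such as 'feature/x' are not covered by the filters below; use
  # '**' if every branch and tag is meant to be analysed.
  push:
    tags: ['*']
    branches: ['*']
  pull_request:
    branches: ['*']
  # Weekly scheduled run (Wednesdays, 10:25 UTC), so the default branch is
  # re-analysed even when no commits land.
  schedule:
    - cron: '25 10 * * 3'
  workflow_dispatch:
# Deny-by-default workflow token: every job below declares the scopes it needs.
permissions: {}
jobs:
  analyze-codeql:
    name: 'CodeQL analysis'
    runs-on: 'ubuntu-latest'
    permissions:
      actions: 'read'
      contents: 'read'
      # Needed to publish analysis results to code scanning.
      security-events: 'write'
    strategy:
      # Keep the remaining matrix entries running if one language fails.
      fail-fast: false
      matrix:
        language: ['go']
    steps:
      # All actions are pinned to full commit SHAs, so a moved tag cannot
      # change what runs here. The pins carry no human-readable version; a
      # trailing '# <version>' comment per pin would make bumps easier to review.
      - name: 'Checkout'
        uses: 'actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11'
        with:
          # The autobuild step below runs the repository's own build, which on
          # pull requests is contributor-controlled code. Keep the job token
          # out of .git/config so later steps cannot read it from the workspace.
          persist-credentials: false
      - name: 'Set up Go'
        uses: 'actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491'
        with:
          go-version-file: './go.mod'
          # Resolve the newest release matching go.mod at run time rather than
          # a cached toolchain.
          check-latest: true
      - name: 'Initialize CodeQL'
        uses: 'github/codeql-action/init@cdcdbb579706841c47f7063dda365e292e5cad7a'
        with:
          languages: '${{ matrix.language }}'
      - name: 'Autobuild'
        uses: 'github/codeql-action/autobuild@cdcdbb579706841c47f7063dda365e292e5cad7a'
      - name: 'Perform CodeQL analysis'
        uses: 'github/codeql-action/analyze@cdcdbb579706841c47f7063dda365e292e5cad7a'
  analyze-gosec:
    name: 'Gosec analysis'
    runs-on: 'ubuntu-latest'
    permissions:
      actions: 'read'
      contents: 'read'
      # Needed by the SARIF upload step at the end of this job.
      security-events: 'write'
    steps:
      - name: 'Checkout'
        uses: 'actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11'
        with:
          # No step in this job needs git credentials; do not persist the
          # job token in the checked-out repository's git config.
          persist-credentials: false
      - name: 'Set up Go'
        uses: 'actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491'
        with:
          go-version-file: './go.mod'
          check-latest: true
      - name: 'Perform Gosec analysis'
        uses: 'securego/gosec@55d79496019a560e16e73e1948dee20a1fad631a'
        with:
          # '-no-fail' keeps this step green when Gosec reports findings, so
          # the job status is not a gate: findings only become visible through
          # the SARIF upload below. Any enforcement has to be configured on
          # the code scanning side.
          # '-tests' includes test files in the scan.
          args: '-no-fail -tests -fmt sarif -out ./results.sarif ./...'
      - name: 'Upload SARIF file'
        uses: 'github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a'
        with:
          sarif_file: './results.sarif'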