0xPolygon · christophercampbell · Apr 24, 2024 · Mar 1, 2024 · Mar 1, 2024 · Mar 1, 2024
@@ -0,0 +1 @@
+* @0xPolygon/core-cdk
@@ -0,0 +1,37 @@
+
+name: Security Build
+on:
+  push:
+  workflow_dispatch: {}
+
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+      - uses: actions/checkout@v3
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: latest
+
+  govuln:
+    name: Run govuln check and Publish
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Running govulncheck
+        uses: Templum/[email protected]
+        continue-on-error: true
+        env:
+          DEBUG: "true"
+        with:
+          go-version: 1.18 # this mush match your code's golang version
+          vulncheck-version: latest
+          package: ./...
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          fail-on-vuln: true
diff --git a/.github/workflows/sonar-cloud.yml b/.github/workflows/sonar-cloud.yml
@@ -0,0 +1,24 @@
+name: Security Build
+on:
+  push:
+    branches:
+      - main
+      - dev
+      - staging
+  workflow_dispatch: {}
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  sonarcloud:
+    name: SonarCloud
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarcloud-github-action@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}