Skip to content

govulncheck

govulncheck #249

Workflow file for this run

# SPDX-FileCopyrightText: 2023 Risk.Ident GmbH <[email protected]>
#
# SPDX-License-Identifier: CC0-1.0
name: govulncheck
on:
push:
branches:
- main
pull_request:
schedule:
- cron: 0 8 * * 1 # 08:00 on mondays
jobs:
govulncheck:
runs-on: ubuntu-latest
name: Run govulncheck
steps:
- uses: actions/checkout@v4
- id: govulncheck
uses: golang/govulncheck-action@v1
with:
go-version-file: go.mod
go-package: ./...
- name: Send Slack message
uses: slackapi/[email protected]
if: ${{ failure() && steps.govulncheck.conclusion == 'failure' && github.ref == 'refs/heads/main' }}
with:
payload: |
{
"blocks": [
{
"type": "header",
"text": {
"type": "plain_text",
"text": "govulncheck",
"emoji": true
}
},
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "Vulnerabilities in <${{ github.server_url }}/${{ github.repository }}|${{ github.repository }}> was found by govulncheck on ${{ github.ref_type }} <${{ github.event.pull_request.html_url || github.event.head_commit.url }}|${{ github.head_ref || github.ref_name }}>"
}
},
{
"type": "context",
"elements": [
{
"type": "mrkdwn",
"text": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.workflow_ref }}>"
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK