Create security-build.yml

.github/workflows/security-build.yml

@@ -0,0 +1,37 @@
+
+name: Security Build
+on:
+  push:
+  workflow_dispatch: {}
+
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/setup-go@v3
+        with:
+          go-version: 1.17
+      - uses: actions/checkout@v3
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: latest
+
+  govuln:
+    name: Run govuln check and Publish
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Running govulncheck
+        uses: Templum/[email protected]
+        continue-on-error: true
+        env:
+          DEBUG: "true"
+        with:
+          go-version: 1.18 # this mush match your code's golang version
+          vulncheck-version: latest
+          package: ./...
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          fail-on-vuln: true