govulncheck: checkout branch for action (#3645)

nuts-foundation · Jan 8, 2025 · eb353ae · eb353ae
1 parent 854047e
commit eb353ae
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/.github/workflows/govulncheck-cron-schedule.yaml b/.github/workflows/govulncheck-cron-schedule.yaml
@@ -4,10 +4,10 @@
 # For more information see https://go.dev/blog/vuln and https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck
 name: 'Scheduled govulncheck'
 
-# run schedule every work day at 9:42
+# run schedule every work day at 9:42 UTC
 on:
   schedule:
-    - cron: '42 9 * * 1-5'
+    - cron: '0,15,30,45 * * * 1-5'
 
 jobs:
   govulncheck_job:
@@ -23,11 +23,17 @@ jobs:
           - 'V5.4'
           - 'V6.0'
     steps:
+      - name: Checkout branch
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ matrix.branches }}
+
       - id: govulncheck
         uses: golang/govulncheck-action@v1
         with:
           # TODO: This should probably run against the builder or runtime in the Dockerfile.
           #       I don't think it is possible to detect those versions here, but maybe run against `go-version-input: 'stable'`
           #       and detect container vulnerabilities in a different action?
+          go-version-input: '' # remove default
           go-version-file: 'go.mod'
           go-package: ./...