fix gosec some bug

Signed-off-by: peng9808 <[email protected]>

.github/workflows/period-check.yml

@@ -16,11 +16,21 @@ jobs:
         uses: actions/checkout@v2
         with:
           fetch-depth: 0
-      - name: Run gosec security scan
+      - name: Install Go, gosec, and Run Security Scan
         run: |
-          curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s latest
+          sudo rm -rf /usr/local/go
+
+          wget https://golang.org/dl/go1.22.7.linux-amd64.tar.gz
+          sudo tar -C /usr/local -xzf go1.22.7.linux-amd64.tar.gz
+          export PATH=/usr/local/go/bin:$PATH
+          go version
+          
+          go install github.com/securego/gosec/v2/cmd/gosec@latest
+          export PATH=$(go env GOPATH)/bin:$PATH
+          gosec --version
+
           gosec -severity high -confidence high ./... || exit 1
       - name: e2e test
         env:
           E2E_TESTING_LEVEL: "periodCheck"
-        run: make e2e-test
+        run: make e2e-test

.github/workflows/pr.yml

@@ -20,9 +20,19 @@ jobs:
         uses: actions/checkout@v2
         with:
           fetch-depth: 0
-      - name: Run gosec security scan
+      - name: Install Go, gosec, and Run Security Scan
         run: |
-          curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s latest
+          sudo rm -rf /usr/local/go
+
+          wget https://golang.org/dl/go1.22.7.linux-amd64.tar.gz
+          sudo tar -C /usr/local -xzf go1.22.7.linux-amd64.tar.gz
+          export PATH=/usr/local/go/bin:$PATH
+          go version
+          
+          go install github.com/securego/gosec/v2/cmd/gosec@latest
+          export PATH=$(go env GOPATH)/bin:$PATH
+          gosec --version
+
           gosec -severity high -confidence high ./... || exit 1
       - name: pr test
         env: