From d37f3407ae69ad5a69626d00fa18fce55f7674a1 Mon Sep 17 00:00:00 2001 From: Karen Xu Date: Fri, 21 May 2021 12:33:42 -0400 Subject: [PATCH] Add GoSec Security Scan (#154) * Add gosec workflow * Update changelog * Update CHANGELOG.md Co-authored-by: Daniel Jaglowski * Add trigger on PR * test Co-authored-by: Daniel Jaglowski --- .github/workflows/gosec.yml | 35 +++++++++++++++++++++++++++++++++++ CHANGELOG.md | 1 + 2 files changed, 36 insertions(+) create mode 100644 .github/workflows/gosec.yml diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml new file mode 100644 index 00000000..de654e28 --- /dev/null +++ b/.github/workflows/gosec.yml @@ -0,0 +1,35 @@ +name: Run Gosec +on: + workflow_dispatch: + schedule: + # ┌───────────── minute (0 - 59) + # │ ┌───────────── hour (0 - 23) + # │ │ ┌───────────── day of the month (1 - 31) + # │ │ │ ┌───────────── month (1 - 12 or JAN-DEC) + # │ │ │ │ ┌───────────── day of the week (0 - 6 or SUN-SAT) + # │ │ │ │ │ + # │ │ │ │ │ + # │ │ │ │ │ + # * * * * * + - cron: '30 1 * * *' + + pull_request: + branches: [ main ] + +jobs: + tests: + runs-on: ubuntu-latest + env: + GO111MODULE: on + steps: + - name: Checkout Source + uses: actions/checkout@v2 + + - name: Run Gosec Security Scanner + uses: securego/gosec@master + with: + args: '-no-fail -fmt sarif -out results.sarif ./...' + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v1 + with: + sarif_file: results.sarif diff --git a/CHANGELOG.md b/CHANGELOG.md index a03c0ab8..006edba1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## Unreleased ### Added +- GoSec workflow added to GitHub Actions ([PR154](https://github.com/open-telemetry/opentelemetry-log-collection/pull/154)) - CodeQL workflow added to GitHub Actions ([PR153](https://github.com/open-telemetry/opentelemetry-log-collection/pull/153)) ### Removed