Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
alert-octagon

GitHub Action

Golang Vulncheck

v0.0.2

Golang Vulncheck

alert-octagon

Golang Vulncheck

Performs vulnerability scan using govulncheck and afterwards uploads it as Sarif Report to Github

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: Golang Vulncheck

              
  uses: Templum/[email protected]
Learn more about this action in Templum/govulncheck-action

Choose a version

Golang Vulncheck

Performs vulnerability scan using govulncheck and afterwards uploads it as Sarif Report to Github

Build

Usage

Describe how to use your action here.

Example Workflow

Please be aware that this workflow highlights all available inputs. But all inputs come with a default value. Hence it is not required to provide any values.

name: My Workflow
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Running govulncheck
        uses: Templum/govulncheck-action@<version>
        with:
          package: ./...
          version: v0.0.0-20220908210932-64dbbd7bba4f
          github-token: ${{ secrets.GITHUB_TOKEN }}

Inputs

Input Description
package (optional) The package you want to scan, by default will be ./...
version (optional) Version of govulncheck that should be used, by default it will be latest
github-token (optional) Github Token to upload sarif report. Needs write permissions for security_events

Please be aware if the token is not specified it uses github.token for more details on that check those docs