add osv-scanner config for correcting go version used

Signed-off-by: Tuomo Tanskanen <[email protected]>
metal3-io · Sep 25, 2024 · 570a9a1 · 570a9a1
1 parent ce1b21f
commit 570a9a1
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/.github/osv-scanner.toml b/.github/osv-scanner.toml
@@ -0,0 +1,2 @@
+GoVersionOverride = "1.22.7"
+
diff --git a/.github/workflows/osv-scanner-scan.yml b/.github/workflows/osv-scanner-scan.yml
@@ -6,6 +6,7 @@ name: OSV-Scanner Scan
 on:
   schedule:
   - cron: "12 12 * * 1"
+  workflow_dispatch:
 
 # Restrict jobs in this workflow to have no permissions by default; permissions
 # should be granted per job as needed using a dedicated `permissions` block
@@ -17,5 +18,11 @@ jobs:
       actions: read
       contents: read # to fetch code (actions/checkout)
       security-events: write # for uploading SARIF files
-    if: ${{ github.repository == 'metal3-io/ip-address-manager' && github.event_name == 'schedule' }}
+    # if: ${{ github.repository == 'metal3-io/ip-address-manager' }}
     uses: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@7c52d44abe9736f8a11bac47f6baadad7b3389f5 # v1.8.5
+    with:
+      scan-args: |-
+        --config .github/osv-scanner.toml
+        --skip-git
+        --recursive
+        ./