Skip to content
Security Scan

Security Scan #131

Sign in to view logs

Security Scan

Security Scan #131

Workflow file for this run

.github/workflows/security.yml at 966516d
name: Security Scan
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: "0 0 * * 0"
permissions:
contents: read
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v5
- name: Set up Go
uses: actions/setup-go@v6
with:
go-version: "1.23"
- name: Run Gosec Security Scanner
uses: securego/gosec@master
with:
args: ./...
env:
CLOUDCONNEXA_BASE_URL: ${{ vars.CLOUDCONNEXA_BASE_URL }}
CLOUDCONNEXA_CLIENT_ID: ${{ secrets.CLOUDCONNEXA_CLIENT_ID }}
CLOUDCONNEXA_CLIENT_SECRET: ${{ secrets.CLOUDCONNEXA_CLIENT_SECRET }}
- name: Generate dependencies list
run: go list -json -m all > go.list
- name: Run nancy for dependency scanning
uses: sonatype-nexus-community/nancy-github-action@main
with:
goListFile: go.list