Init

debug-ing · debug-ing · commit 849f51d1b23c · 2024-12-17T10:59:27.000+03:30
diff --git a/.github/workflows/go-vuln-scan.yml b/.github/workflows/go-vuln-scan.yml
@@ -0,0 +1,19 @@
+name: Go Vulnerability Scan
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  check-go-version:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+       
+      - name: Run Go Vulnerability Scanner
+        uses: ./
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,5 @@
+{
+    "cSpell.words": [
+        "govulncheck"
+    ]
+}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,13 @@
+FROM golang:1.23
+
+WORKDIR /app
+
+RUN go install golang.org/x/vuln/cmd/govulncheck@latest
+
+COPY . .
+
+RUN go build -o main main.go
+
+RUN ls -l /app
+
+ENTRYPOINT ["/app/main"]    
diff --git a/README.md b/README.md
@@ -0,0 +1,33 @@
+# Go Vulnerability Scanner GitHub Action 🚀
+
+Easily scan your Go projects for known vulnerabilities using the govulncheck tool provided by golang.org/x/vuln. This GitHub Action integrates seamlessly into your CI/CD pipeline, ensuring your dependencies are up-to-date and free from security risks.
+
+
+## Usage
+Add the following workflow file to your project:
+
+.github/workflows/go-vuln-scan.yml:
+
+```
+name: Go Vulnerability Scan
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  vuln-scan:
+    name: Run Go Vulnerability Scanner
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Run Go Vulnerability Scanner
+        uses: debug-ing/go-vuln-scanner@v1.0
+```
diff --git a/action.yml b/action.yml
@@ -0,0 +1,11 @@
+name: "Go Vulnerability Scanner"
+description: "Scans Go dependencies for security vulnerabilities using govulncheck"
+author: "Mahdi Mohammadi"
+
+runs:
+  using: "docker"
+  image: "Dockerfile"
+
+branding:
+  icon: "shield"
+  color: "red"
diff --git a/go.mod b/go.mod
@@ -0,0 +1,3 @@
+module github.com/debug-ing/go-vuln-scanner
+
+go 1.22.3
diff --git a/main.go b/main.go
@@ -0,0 +1,19 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+)
+
+func main() {
+	fmt.Println("Starting Go Dependency Vulnerability Scan...")
+	cmd := exec.Command("govulncheck", "./...")
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	if err := cmd.Run(); err != nil {
+		fmt.Println("Error during vulnerability scan:", err)
+		os.Exit(1)
+	}
+	fmt.Println("Vulnerability scan completed successfully!")
+}

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +{
 +    "cSpell.words": [
 +        "govulncheck"
 +    ]
 +}
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+module github.com/debug-ing/go-vuln-scanner`
	`2`	`+`
	`3`	`+go 1.22.3`