Init

Author: debug-ing

.github/workflows/go-vunl-checker.yml

@@ -0,0 +1,19 @@
+name: Go Version Checker Workflow
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+jobs:
+  check-go-version:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+       
+      - name: Run Go Vulnerability Checker
+        uses: ./

.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+    "cSpell.words": [
+        "govulncheck"
+    ]
+}

Dockerfile

@@ -0,0 +1,13 @@
+FROM golang:1.23
+
+WORKDIR /app
+
+RUN go install golang.org/x/vuln/cmd/govulncheck@latest
+
+COPY . .
+
+RUN go build -o main main.go
+
+RUN ls -l /app
+
+ENTRYPOINT ["/app/main"]    

action.yml

@@ -0,0 +1,11 @@
+name: "Go Vulnerability Checker"
+description: "Scans Go dependencies for security vulnerabilities using govulncheck"
+author: "YourName"
+
+runs:
+  using: "docker"
+  image: "Dockerfile"
+
+branding:
+  icon: "shield"
+  color: "red"

go.mod

@@ -0,0 +1,3 @@
+module github.com/debug-ing/go-vulnerability-checker
+
+go 1.22.3

main.go

@@ -0,0 +1,19 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+)
+
+func main() {
+	fmt.Println("Starting Go Dependency Vulnerability Scan...")
+	cmd := exec.Command("govulncheck", "./...")
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	if err := cmd.Run(); err != nil {
+		fmt.Println("Error during vulnerability scan:", err)
+		os.Exit(1)
+	}
+	fmt.Println("Vulnerability scan completed successfully!")
+}