build: switch to toolchain-cicd/govulncheck-action

[rsoaresd]

Description

Currently, we only have our custom govulncheck-action enabled on wa, host-operator, member-operator, and registration-service. We need to enable it in the other repos (toolchain-e2e, toolchain-common, ...)

Why are we using our custom toolchain-cicd/govulncheck-action?

Unfortunately, govulncheck does not have a feature for ignoring the vulns. There is a feature request, but we do not know when it will be addressed. To avoid govulncheck failing in PRs, we implemented a workaround on toolchain-cicd to ignore vulnerabilities that do not have a fix available or require a higher Go version than we have.

Related PRs

codeready-toolchain/toolchain-e2e#1190
codeready-toolchain/toolchain-common#490
codeready-toolchain/api#483

Issue ticket number and link

SANDBOX-1401

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.54%. Comparing base (25e9272) to head (5e856e0).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #122   +/-   ##
=======================================
  Coverage   70.54%   70.54%           
=======================================
  Files          56       56           
  Lines        4013     4013           
=======================================
  Hits         2831     2831           
  Misses        958      958           
  Partials      224      224           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.