Skip to content

Commit c0ce3fd

Browse files
josvazgjosvazg
committed
Add govulncheck to CRD2Go CI checks
Signed-off-by: jose.vazquez <[email protected]>
1 parent 5ad559a commit c0ce3fd

File tree

3 files changed

+14
-1
lines changed

3 files changed

+14
-1
lines changed

tools/crd2go/go.mod

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -229,7 +229,9 @@ require (
229229
golang.org/x/net v0.44.0 // indirect
230230
golang.org/x/sync v0.17.0 // indirect
231231
golang.org/x/sys v0.36.0 // indirect
232+
golang.org/x/telemetry v0.0.0-20250908211612-aef8a434d053 // indirect
232233
golang.org/x/tools v0.37.0 // indirect
234+
golang.org/x/vuln v1.1.4 // indirect
233235
google.golang.org/protobuf v1.36.7 // indirect
234236
gopkg.in/inf.v0 v0.9.1 // indirect
235237
gopkg.in/ini.v1 v1.67.0 // indirect
@@ -252,4 +254,5 @@ tool (
252254
github.com/google/addlicense
253255
github.com/google/go-licenses/v2
254256
github.com/magefile/mage
257+
golang.org/x/vuln/cmd/govulncheck
255258
)

tools/crd2go/go.sum

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -627,6 +627,8 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
627627
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
628628
golang.org/x/sys v0.36.0 h1:KVRy2GtZBrk1cBYA7MKu5bEZFxQk4NIDV6RLVcC8o0k=
629629
golang.org/x/sys v0.36.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
630+
golang.org/x/telemetry v0.0.0-20250908211612-aef8a434d053 h1:dHQOQddU4YHS5gY33/6klKjq7Gp3WwMyOXGNp5nzRj8=
631+
golang.org/x/telemetry v0.0.0-20250908211612-aef8a434d053/go.mod h1:+nZKN+XVh4LCiA9DV3ywrzN4gumyCnKjau3NGb9SGoE=
630632
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
631633
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
632634
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -667,6 +669,8 @@ golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnps
667669
golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
668670
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM=
669671
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8=
672+
golang.org/x/vuln v1.1.4 h1:Ju8QsuyhX3Hk8ma3CesTbO8vfJD9EvUBgHvkxHBzj0I=
673+
golang.org/x/vuln v1.1.4/go.mod h1:F+45wmU18ym/ca5PLTPLsSzr2KppzswxPP603ldA67s=
670674
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
671675
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
672676
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

tools/crd2go/magefile.go

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ import (
2727

2828
// CI runs all linting and validation checks.
2929
func CI() {
30-
mg.SerialDeps(Build, UnitTests, Addlicense, Checklicense, GCI, Lint)
30+
mg.SerialDeps(Build, UnitTests, Addlicense, Checklicense, GCI, Lint, Govulncheck)
3131
fmt.Println("✅ CI PASSED all checks")
3232
}
3333

@@ -107,6 +107,12 @@ func Lint() error {
107107
"./cmd/...", "./internal/...", "./k8s/...", "./pkg/...")
108108
}
109109

110+
// Govulncheck checks for Go toolchain or library vulnerabilities
111+
func Govulncheck() error {
112+
return wrapRun("🔬 Running Go Vulnerability Check:\n",
113+
"go", "tool", "govulncheck", "./...")
114+
}
115+
110116
func wrapRun(msg, cmd string, args ...string) error {
111117
fmt.Print(msg)
112118
if err := sh.RunV(cmd, args...); err != nil {

0 commit comments

Comments
 (0)