Allow to run subset of rules for gosec

Signed-off-by: L. Pivarc <lpivarc@redhat.com>
fossedihelm · Nov 24, 2020 · 8b5b81a · 8b5b81a
1 parent 66b0640
commit 8b5b81a
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/Makefile b/Makefile
@@ -54,7 +54,7 @@ go-build:
 	hack/dockerized "KUBEVIRT_VERSION=${KUBEVIRT_VERSION} ./hack/build-go.sh install ${WHAT}" && ./hack/build-copy-artifacts.sh ${WHAT}
 
 gosec:
-	hack/dockerized "./hack/gosec.sh"
+	hack/dockerized "GOSEC=${GOSEC} ./hack/gosec.sh"
 
 coverage:
 	hack/dockerized "./hack/coverage.sh ${WHAT}"

diff --git a/hack/gosec.sh b/hack/gosec.sh
@@ -7,4 +7,10 @@ mkdir -p $ARTIFACTS
 echo "Run go sec in pkg"
 cd $KUBEVIRT_DIR/pkg
 
-gosec -sort -quiet -out=${ARTIFACTS}/junit-gosec.xml -exclude-dir=testutils -fmt=junit-xml ./...
+if [ -z $GOSEC ]; then
+    gosec -sort -quiet -out=${ARTIFACTS}/junit-gosec.xml -exclude-dir=testutils -fmt=junit-xml ./...
+else
+    echo "Running subset"
+    echo $GOSEC
+    gosec -include=$GOSEC -sort -quiet -out=${ARTIFACTS}/junit-gosec.xml -exclude-dir=testutils -fmt=junit-xml ./...
+fi