add actions

jfrog · Jul 16, 2024 · 2286676 · 2286676
1 parent aa5ffe7
commit 2286676
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 20 deletions.
diff --git a/actions/golanci-lint/action.yml b/actions/golanci-lint/action.yml
@@ -4,20 +4,8 @@ description: 'CLA Assistant'
 runs:
   using: 'composite'
   steps:
-    - name: "CLA Assistant"
-      if: ${{ steps.sign-or-recheck.outputs.match != '' || github.event_name == 'pull_request_target' }}
-      # Alpha Release
-      uses: cla-assistant/github-action@v2.3.0
-      env:
-        # Generated and maintained by GitHub
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        # JFrog organization secret
-        PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_SIGN_TOKEN }}
+    - name: Static Code Analysis
+      uses: golangci/golangci-lint-action@v4
       with:
-        path-to-signatures: "signed_clas.json"
-        path-to-document: "https://jfrog.com/cla/"
-        remote-organization-name: "jfrog"
-        remote-repository-name: "jfrog-signed-clas"
-        # branch should not be protected
-        branch: "master"
-        allowlist: bot*
+        args: |
+          --timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars
diff --git a/actions/gosec-scanner/action.yml b/actions/gosec-scanner/action.yml
@@ -4,8 +4,7 @@ description: 'Static Code Analysis with golangci'
 runs:
   using: 'composite'
   steps:
-    - name: Static Code Analysis
-      uses: golangci/golangci-lint-action@v4
+    - name: Run Gosec Security Scanner
+      uses: securego/gosec@latest
       with:
-        args: |
-          --timeout 5m --out-${NO_FUTURE}format colored-line-number --enable errcheck,gosimple,govet,ineffassign,staticcheck,typecheck,unused,gocritic,asasalint,asciicheck,errchkjson,exportloopref,forcetypeassert,makezero,nilerr,unparam,unconvert,wastedassign,usestdlibvars 
+        args: -exclude G204,G301,G302,G304,G306 -tests -exclude-dir \.*test\.* ./...