Skip to content

Enable Blackduck GO scanning #6419

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
Enable Blackduck GO scanning#6419
@dasormeter

Description

@dasormeter
dasormeter
opened on Jun 18, 2020

#6130 Enabling blackduck scanning on each master merge, but GO scanning has been disabled because the go executable is not on PATH in CI.

Once clarified with @aherrmann-da on the best means of adding go executable to PATH, or identifying the location of the executable, will enable the GO_MOD scanning

from @aherrmann

The location is determined in ci/dev-env-push.py using
    out = nix_build("./nix", "-A", "tools.nix-store-gcs-proxy")[0]
    cmd = [
            os.path.join(out, "bin", "nix-store-gcs-proxy"),
            "--bucket-name", BUCKET_NAME,
            ]

```is it worth adding to dev-env/bin/go?


For scripting the approach taken by ci/dev-env-push.py seems reasonable. Better to be explicit about where the tools come from. dev-env/bin is useful if devs want to call the tool from the command-line.

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions