-
Notifications
You must be signed in to change notification settings - Fork 34
32 lines (32 loc) · 973 Bytes
/
audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
---
name: "Audit"
on: # yamllint disable-line rule:truthy
push:
pull_request:
schedule:
- cron: "0 0 * * 1"
jobs:
Audit:
runs-on: "ubuntu-latest"
env:
GOPATH: "/home/runner/go"
steps:
- run: "echo \"/usr/local/go/bin\" >> $GITHUB_PATH"
- run: "echo \"${GOPATH}/bin\" >> $GITHUB_PATH"
- uses: "actions/checkout@v4"
- run: "sudo apt-get update"
- run: "sudo apt-get install -y cargo make npm wget"
- run: "wget https://go.dev/dl/go1.21.5.linux-amd64.tar.gz"
- run: "sudo tar -C /usr/local -xzf go1.21.5.linux-amd64.tar.gz"
- run: "make -f install.mk"
#
# Debian-based Ubuntu GitHub Actions base OS is
# expected to present unresolvable CVE's.
#
# Disabling (GitHub Actions Hosted) safety runner step for now.
# Care when merging pull requests.
# In any case, all CI/CD jobs can be peformed locally.
#
- run: "make snyk"
env:
SNYK_TOKEN: "${{ secrets.SNYK_TOKEN }}"