-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a govulncheck job. #6345
base: master
Are you sure you want to change the base?
Add a govulncheck job. #6345
Conversation
Images are ready for the commit at 84df2d3. To use with deploy scripts, first |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's get back to it once we get rid of cgo and maybe this check will be added to golangci-lint
So golangci will not integrate this check I've created a PR that scans binaries not code and it's working |
FTR it's currently crashing when scanning operator source. |
@porridge can we close this? I believe we have it now :) |
@RTann govulncheck has at least two functionalities - source scanning and binary scanning, I believe the job we have is only using one of them (the latter). This is about the former one. |
Description
https://go.dev/blog/vuln
Checklist
Unit test and regression tests addedEvaluated and added CHANGELOG entry if requiredDetermined and documented upgrade stepsDocumented user facing changes (create PR based on openshift/openshift-docs and merge into rhacs-docs)Testing Performed
Relying on CI.