Merge pull request #7 from MGSousa/chore/security_check

Added Security Checks Workflow, some adjustments
MGSousa · Dec 18, 2024 · c460444 · c460444
2 parents 8af490b + d27dd8f
commit c460444
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 3 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -1,4 +1,4 @@
-name: Release prom-exporter
+name: Release
 
 on:
   push:

diff --git a/.github/workflows/security-tests.yml b/.github/workflows/security-tests.yml
@@ -0,0 +1,15 @@
+name: Security Check
+on:
+  pull_request:
+
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@v2.21.4
+        with:
+          args: ./...
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -1,4 +1,4 @@
-name: Test prom-exporter
+name: Test Build
 
 on:
   pull_request:

diff --git a/Makefile b/Makefile
@@ -3,10 +3,19 @@ ACT_URL = https://raw.githubusercontent.com/nektos/act/master/install.sh
 
 ACT := $(shell command -v act)
 
-test_ci:
+.PHONY: test act test_sec test_ci docker_build goreleaser_build
+
+test: test_sec test_ci
+
+act:
 	@[ ! -x "$(ACT)" ] && (curl --proto '=https' --tlsv1.2 -sSf $(ACT_URL) | sudo bash && sudo install ./bin/act /usr/local/bin/) || true
+
+test_ci: act
 	@act push --rm -j "test"
 
+test_sec: act
+	@act push --rm -j "security"
+
 docker_build:
 	@docker build --no-cache -t $(BINARY) .