Merge pull request #315 from SgtCoDFish/govulncheck-goprivate

Add GOPRIVATE option for govulncheck

Author: cert-manager-prow[bot]

modules/go/01_mod.mk

@@ -58,6 +58,7 @@ generate-go-mod-tidy: | $(NEEDS_GO)
 shared_generate_targets += generate-go-mod-tidy
 
 default_govulncheck_generate_base_dir := $(dir $(lastword $(MAKEFILE_LIST)))/base/
+
 # The base directory used to copy the govulncheck GH action from. This can be
 # overwritten with an action with extra authentication or with a totally different
 # pipeline (eg. a GitLab pipeline).
@@ -67,6 +68,10 @@ govulncheck_generate_base_dir ?= $(default_govulncheck_generate_base_dir)
 # being run on every fork of the repo.
 govulncheck_generate_org ?= cert-manager
 
+# Any closed-source or inaccessible Go modules that should be ignored by govulncheck; not needed
+# for most open-source projects.
+govulncheck_goprivate ?=
+
 .PHONY: generate-govulncheck
 ## Generate base files in the repository
 ## @category [shared] Generate/ Verify
@@ -96,7 +101,7 @@ verify-govulncheck: | $(NEEDS_GOVULNCHECK)
 				target=$$(dirname $${d}); \
 				echo "Running 'GOTOOLCHAIN=go$(VENDORED_GO_VERSION) $(bin_dir)/tools/govulncheck ./...' in directory '$${target}'"; \
 				pushd "$${target}" >/dev/null; \
-				GOTOOLCHAIN=go$(VENDORED_GO_VERSION) $(GOVULNCHECK) ./... || exit; \
+				GOPRIVATE=$(govulncheck_goprivate) GOTOOLCHAIN=go$(VENDORED_GO_VERSION) $(GOVULNCHECK) ./... || exit; \
 				popd >/dev/null; \
 				echo ""; \
 			done