Skip to content

Commit 20ef728

Browse files
anhthiianhthii
committed
Update cI
1 parent b208d1f commit 20ef728

2 files changed

Lines changed: 25 additions & 9 deletions

File tree

.github/workflows/ci.yml

Lines changed: 24 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ on:
77
branches: ["*"]
88

99
env:
10-
GO_VERSION: "1.24"
10+
GO_VERSION: "1.25.5"
1111

1212
jobs:
1313
test:
@@ -101,8 +101,17 @@ jobs:
101101
fi
102102
continue-on-error: true
103103

104+
- name: Clean SARIF file (remove duplicate tags)
105+
if: always()
106+
run: |
107+
# Remove duplicate tags from SARIF rules to fix validation errors
108+
jq '(.runs[]?.tool.driver.rules[]?.properties.tags) |= unique' \
109+
govulncheck-results.sarif > govulncheck-results-clean.sarif
110+
mv govulncheck-results-clean.sarif govulncheck-results.sarif
111+
echo "✅ Cleaned govulncheck SARIF file"
112+
104113
- name: Upload govulncheck results to GitHub Security tab
105-
uses: github/codeql-action/upload-sarif@v3
114+
uses: github/codeql-action/upload-sarif@v4
106115
if: always()
107116
with:
108117
sarif_file: govulncheck-results.sarif
@@ -116,8 +125,17 @@ jobs:
116125
gosec -fmt sarif -out gosec-results.sarif -exclude G304 ./...
117126
continue-on-error: true
118127

128+
- name: Clean gosec SARIF file (remove duplicate tags)
129+
if: always()
130+
run: |
131+
# Remove duplicate tags from SARIF rules to fix validation errors
132+
jq '(.runs[]?.tool.driver.rules[]?.properties.tags) |= unique' \
133+
gosec-results.sarif > gosec-results-clean.sarif
134+
mv gosec-results-clean.sarif gosec-results.sarif
135+
echo "✅ Cleaned gosec SARIF file"
136+
119137
- name: Upload gosec results to GitHub Security tab
120-
uses: github/codeql-action/upload-sarif@v3
138+
uses: github/codeql-action/upload-sarif@v4
121139
if: always()
122140
with:
123141
sarif_file: gosec-results.sarif
@@ -151,7 +169,7 @@ jobs:
151169
run: go mod download
152170

153171
- name: Initialize CodeQL
154-
uses: github/codeql-action/init@v3
172+
uses: github/codeql-action/init@v4
155173
with:
156174
languages: ${{ matrix.language }}
157175
queries: +security-and-quality
@@ -162,7 +180,7 @@ jobs:
162180
go build -v ./cmd/mpcium-cli
163181
164182
- name: Perform CodeQL Analysis
165-
uses: github/codeql-action/analyze@v3
183+
uses: github/codeql-action/analyze@v4
166184
with:
167185
category: "/language:${{matrix.language}}"
168186

@@ -237,7 +255,7 @@ jobs:
237255
continue-on-error: true
238256

239257
- name: Upload Grype results to GitHub Security tab
240-
uses: github/codeql-action/upload-sarif@v3
258+
uses: github/codeql-action/upload-sarif@v4
241259
if: always()
242260
with:
243261
sarif_file: grype-results.sarif

go.mod

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
module github.com/fystack/mpcium
22

3-
go 1.23.8
4-
5-
toolchain go1.24.7
3+
go 1.25.5
64

75
require (
86
filippo.io/age v1.2.1

0 commit comments

Comments
 (0)