Skip to content

ADD govluncheck action#493

Open
mcbenjemaa wants to merge 2 commits into
mainfrom
goluncheck
Open

ADD govluncheck action#493
mcbenjemaa wants to merge 2 commits into
mainfrom
goluncheck

Conversation

@mcbenjemaa
Copy link
Copy Markdown
Member

@mcbenjemaa mcbenjemaa commented May 28, 2025
edited
Loading

This PR adds govluncheck action to check for CVEs in go packages.

Fixes #487

@mcbenjemaa mcbenjemaa self-assigned this May 28, 2025
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 28, 2025

Tests

Please note that running unit and e2e tests requires manual approval from a team member.

e2e tests

We use labels to control which e2e tests contexts are run:

Label Behaviour
none Run Generic tests only
e2e/none skip all e2e tests (documentation etc) - overrides all e2e/* labels Do not run any e2e tests
e2e/flatcar run Flatcar e2e tests Add Flatcar tests

ℹ️ Ask a team member to add the requested labels if you don't have enough permissions.

@mcbenjemaa mcbenjemaa added the e2e/none skip all e2e tests (documentation etc) - overrides all e2e/* labels label May 28, 2025
@wikkyk
Copy link
Copy Markdown
Collaborator

wikkyk commented Jul 4, 2025

Is dependabot insufficient?

@mcbenjemaa
Copy link
Copy Markdown
Member Author

mcbenjemaa commented Jul 4, 2025

Is Dependabot insufficient?

We have agreed long before to add this.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Aug 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Jan 16, 2026

No vulnerabilities found.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jan 16, 2026

Quality Gate Failed Quality Gate failed

Failed conditions
2 Security Hotspots
C Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

wikkyk
wikkyk reviewed Jan 19, 2026
View reviewed changes
Comment thread .github/workflows/vulncheck.yml
govulncheck:
name: vulncheck
runs-on: ubuntu-latest
permissions: write-all
Copy link
Copy Markdown
Collaborator

@wikkyk wikkyk Jan 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use a more fine-grained permission.

@wikkyk wikkyk force-pushed the main branch 2 times, most recently from 4b68fd4 to a1d0e00 Compare May 13, 2026 12:26
@wikkyk wikkyk added the github Updates GitHub config (actions, dependabot, ...) label May 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wikkyk wikkyk wikkyk left review comments

@65278 65278 Awaiting requested review from 65278 65278 is a code owner

@avorima avorima Awaiting requested review from avorima

@pborn-ionos pborn-ionos Awaiting requested review from pborn-ionos pborn-ionos is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@mcbenjemaa mcbenjemaa

Labels

e2e/none skip all e2e tests (documentation etc) - overrides all e2e/* labels github Updates GitHub config (actions, dependabot, ...)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

govulncheck action

2 participants

@mcbenjemaa @wikkyk