ci: update CI workflows and standardize Trivy config quotes (#4531)

- Update gin workflow to use v2.9 and add Go 1.26 to the matrix - Upgrade Trivy action to v0.34.0 in the scan workflow - Change all single quotes to double quotes in Trivy workflow configuration Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2026-04-29 23:23:18 +08:00 · 2026-02-21 22:32:32 +08:00 · 2026-02-21 22:32:32 +08:00 · 00900fb3e1
commit 00900fb3e1
parent 5260de6a83
2 changed files with 16 additions and 16 deletions
--- a/.github/workflows/gin.yml
+++ b/.github/workflows/gin.yml
@ -26,14 +26,14 @@ jobs:
      - name: Setup golangci-lint
        uses: golangci/golangci-lint-action@v9
        with:
-          version: v2.6
+          version: v2.9
          args: --verbose
  test:
    needs: lint
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
-        go: ["1.24", "1.25"]
+        go: ["1.24", "1.25", "1.26"]
        test-tags:
          [
            "",
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@ -9,7 +9,7 @@ on:
      - master
  schedule:
    # Run daily at 00:00 UTC
-    - cron: '0 0 * * *'
+    - cron: "0 0 * * *"
  workflow_dispatch: # Allow manual trigger

 permissions:
@ -29,28 +29,28 @@ jobs:
      - name: Run Trivy vulnerability scanner (source code)
        uses: aquasecurity/trivy-action@0.34.0
        with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,MEDIUM"
          ignore-unfixed: true

      - name: Upload Trivy results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v4
        if: always()
        with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: "trivy-results.sarif"

      - name: Run Trivy scanner (table output for logs)
        uses: aquasecurity/trivy-action@0.34.0
        if: always()
        with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'table'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "table"
+          severity: "CRITICAL,HIGH,MEDIUM"
          ignore-unfixed: true
-          exit-code: '1'
+          exit-code: "1"