blackteay/gin
3
0
Fork 0
mirror of https://github.com/gin-gonic/gin.git synced 2026-04-29 23:23:18 +08:00
Code Issues Projects Releases Wiki Activity

ci: update CI workflows and standardize Trivy config quotes (#4531)

Browse Source 
- Update gin workflow to use v2.9 and add Go 1.26 to the matrix
- Upgrade Trivy action to v0.34.0 in the scan workflow
- Change all single quotes to double quotes in Trivy workflow configuration

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
This commit is contained in:
Bo-Yi Wu 2026-02-21 22:32:32 +08:00 committed by GitHub
parent 5260de6a83
commit 00900fb3e1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/gin.yml vendored
View File

@ -26,14 +26,14 @@ jobs:
- name: Setup golangci-lint - name: Setup golangci-lint
uses: golangci/golangci-lint-action@v9 uses: golangci/golangci-lint-action@v9
with: with:
version: v2.6 version: v2.9
args: --verbose args: --verbose
test: test:
needs: lint needs: lint
strategy: strategy:
matrix: matrix:
os: [ubuntu-latest, macos-latest] os: [ubuntu-latest, macos-latest]
go: ["1.24", "1.25"] go: ["1.24", "1.25", "1.26"]
test-tags: test-tags:
[ [
"", "",

28
.github/workflows/trivy-scan.yml vendored
View File

@ -9,7 +9,7 @@ on:
- master - master
schedule: schedule:
# Run daily at 00:00 UTC # Run daily at 00:00 UTC
- cron: '0 0 * * *' - cron: "0 0 * * *"
workflow_dispatch: # Allow manual trigger workflow_dispatch: # Allow manual trigger
permissions: permissions:
@ -29,28 +29,28 @@ jobs:
- name: Run Trivy vulnerability scanner (source code) - name: Run Trivy vulnerability scanner (source code)
uses: aquasecurity/trivy-action@0.34.0 uses: aquasecurity/trivy-action@0.34.0
with: with:
scan-type: 'fs' scan-type: "fs"
scan-ref: '.' scan-ref: "."
scanners: 'vuln,secret,misconfig' scanners: "vuln,secret,misconfig"
format: 'sarif' format: "sarif"
output: 'trivy-results.sarif' output: "trivy-results.sarif"
severity: 'CRITICAL,HIGH,MEDIUM' severity: "CRITICAL,HIGH,MEDIUM"
ignore-unfixed: true ignore-unfixed: true
- name: Upload Trivy results to GitHub Security tab - name: Upload Trivy results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4 uses: github/codeql-action/upload-sarif@v4
if: always() if: always()
with: with:
sarif_file: 'trivy-results.sarif' sarif_file: "trivy-results.sarif"
- name: Run Trivy scanner (table output for logs) - name: Run Trivy scanner (table output for logs)
uses: aquasecurity/trivy-action@0.34.0 uses: aquasecurity/trivy-action@0.34.0
if: always() if: always()
with: with:
scan-type: 'fs' scan-type: "fs"
scan-ref: '.' scan-ref: "."
scanners: 'vuln,secret,misconfig' scanners: "vuln,secret,misconfig"
format: 'table' format: "table"
severity: 'CRITICAL,HIGH,MEDIUM' severity: "CRITICAL,HIGH,MEDIUM"
ignore-unfixed: true ignore-unfixed: true
exit-code: '1' exit-code: "1"