mirror of
https://github.com/dockersrc/go
synced 2026-07-14 23:45:58 -04:00
Scan Go dependencies against the vulnerability database automatically on every run, between vet and test. Fail fast on known CVEs before spending time running the full test suite. - rootfs/usr/local/bin/go-workflow: add govulncheck ./... as step 4; renumber build to step 6 - README.md: update default workflow diagram to include govulncheck README.md rootfs/usr/local/bin/go-workflow
This commit is contained in:
@@ -25,7 +25,7 @@ Mount your project at `/app` and run with no arguments. The container
|
|||||||
automatically runs the full Go workflow:
|
automatically runs the full Go workflow:
|
||||||
|
|
||||||
```
|
```
|
||||||
go mod tidy → gofmt -w . → go vet ./... → go test ./... → go build ./...
|
go mod tidy → gofmt -w . → go vet ./... → govulncheck ./... → go test ./... → go build ./...
|
||||||
```
|
```
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|||||||
@@ -61,9 +61,11 @@ run_step "go mod tidy" go mod tidy
|
|||||||
run_step "gofmt -w ." gofmt -w .
|
run_step "gofmt -w ." gofmt -w .
|
||||||
# 3. Catch suspicious constructs
|
# 3. Catch suspicious constructs
|
||||||
run_step "go vet ./..." go vet ./...
|
run_step "go vet ./..." go vet ./...
|
||||||
# 4. Run tests — fail fast before wasting time on a build
|
# 4. Scan dependencies against the Go vulnerability database
|
||||||
|
run_step "govulncheck ./..." govulncheck ./...
|
||||||
|
# 5. Run tests — fail fast before wasting time on a build
|
||||||
run_step "go test ./..." go test ./...
|
run_step "go test ./..." go test ./...
|
||||||
# 5. Build all main packages; output lands alongside source in each package dir
|
# 6. Build all main packages; output lands alongside source in each package dir
|
||||||
run_step "go build ./..." go build "${BUILD_FLAGS[@]}" ./...
|
run_step "go build ./..." go build "${BUILD_FLAGS[@]}" ./...
|
||||||
|
|
||||||
echo "✅ Done."
|
echo "✅ Done."
|
||||||
|
|||||||
Reference in New Issue
Block a user