yq/.github/workflows/scan-alauda.yaml
2025-08-02 07:44:18 +08:00

35 lines
854 B
YAML

name: Scan vulnerabilities for Alauda
on:
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
jobs:
build:
name: Scan Go vulnerabilities
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4.1.6
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: "go.mod"
cache: false
- name: Set up GoReleaser
uses: goreleaser/goreleaser-action@v6
with:
version: v2.1.0
args: release --snapshot -f=.goreleaser-alauda.yml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@0.28.0
with:
scan-type: 'rootfs'
scan-ref: 'dist/cosign_linux_amd64_v1/alauda-cosign'
exit-code: 1