Motivation
The Golang Security team has developed a new tool to detect vulnerable packages in Golang code, and it will be a great addition to huskyCI analysis.
It would be great if
We have all the necessary code to run this scan!
What we expect
- A working container of Govulncheck that outputs a JSON after running the analysis in a particular folder. Similar to this to be uploaded to Docker Hub as huskyci/govulncheck:latest.
- Add into config.yaml commands needed to run inside the securityTest container.
- Adjust context.go to have the new Govulncheck securityTest configs.
- Add new error messages related to Govulncheck in messagecodes.go.
- Add a new file into securitytest package and adjust its logic to now handle Govulncheck output.
- Add new code into client analysis package to print to STDOUT Govulncheck results.
Tips
- Search how a particular securityTest works and apply the same logic (Ctrl + F + "bandit" will do 🙃).
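
An added example, not part of the original issue or huskyCI's code: one way the securitytest step could reduce Govulncheck JSON output to a list of results, separating vulnerabilities whose code is actually called from those that are only present in a dependency. It assumes the message stream that current `govulncheck -json` releases emit (one JSON object per message, findings under `finding`); `Result`, `ParseGovulncheck` and the sample data are hypothetical.

```go
package main

import (
	"encoding/json"
	"fmt"
	"io"
	"strings"
)

// Result is a hypothetical summary type, not a huskyCI struct.
type Result struct {
	ID, Module, Fixed string
	Called            bool // a vulnerable function is reachable, not just present
}

// message keeps only "finding" objects; config, progress and osv messages decode to nil.
type message struct {
	Finding *struct {
		OSV   string
		Fixed string `json:"fixed_version"`
		Trace []struct{ Module, Function string }
	}
}

// ParseGovulncheck returns one Result per ID; Trace[0] is the vulnerable frame (assumed).
func ParseGovulncheck(r io.Reader) ([]Result, error) {
	dec, idx, out := json.NewDecoder(r), map[string]int{}, []Result{}
	for dec.More() {
		var m message
		if err := dec.Decode(&m); err != nil {
			return nil, fmt.Errorf("decoding govulncheck output: %w", err)
		}
		if f := m.Finding; f != nil && len(f.Trace) > 0 {
			i, seen := idx[f.OSV]
			if !seen {
				i, idx[f.OSV] = len(out), len(out)
				out = append(out, Result{ID: f.OSV, Module: f.Trace[0].Module, Fixed: f.Fixed})
			}
			out[i].Called = out[i].Called || f.Trace[0].Function != ""
		}
	}
	return out, nil
}

// Sample is constructed for this example; IDs and module paths are placeholders.
const Sample = `{"config":{"scanner_name":"govulncheck"}}
{"finding":{"osv":"GO-0000-0001","fixed_version":"v1.2.3","trace":[{"module":"example.com/a","version":"v1.0.0"}]}}
{"finding":{"osv":"GO-0000-0001","fixed_version":"v1.2.3","trace":[{"module":"example.com/a","function":"Parse"},{"module":"example.com/app","function":"main"}]}}
{"finding":{"osv":"GO-0000-0002","trace":[{"module":"example.com/b","version":"v0.1.0"}]}}`
func main() { fmt.Println(ParseGovulncheck(strings.NewReader(Sample))) }
```

A result with `Called` set to false means the vulnerable module is in the build but no vulnerable function was traced from the scanned code, which is useful for ranking what the client prints to STDOUT.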