Govulncheck: Fix vulnerabilities and add CI checks#17
Conversation
Add govulncheck for vulnerability scanning. Run with `make govulncheck`. Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Fixes all vulnerabilities found when running "make govulncheck". Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
Runs on pull requests and daily at 06:23 UTC. The idea is to catch newly disclosed vulnerabilities in our code. Signed-off-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
lpiwowar
left a comment
There was a problem hiding this comment.
/lgtm
Just thinking whether it is a problem in terms of consistency with other operators in openstack-k8s-operators/* namespace but I can not think of any reason why it should be a problem.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: lpiwowar, umago The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
100%! I think it's better to be safe than consistently unsafe :D |
6973f5e
into
openstack-k8s-operators:main
This PR includes the following:
make govulncheck.It requires bumping Go to version 1.25.0