Browse Source

Consolidate security-check into checks-backend (#21882)

Also, run it via exact version instead of relying on global binary.
pull/21832/head
silverwind 1 week ago committed by GitHub
parent
commit
9380bb6d0c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 10
      .drone.yml
  2. 4
      Makefile

10
.drone.yml

@ -39,16 +39,6 @@ steps:
- make lint-frontend
depends_on: [deps-frontend]
- name: security-check
image: golang:1.19
pull: always
commands:
- make security-check
depends_on: [deps-backend]
volumes:
- name: deps
path: /go
- name: lint-backend
image: gitea/test_env:linux-amd64 # https://gitea.com/gitea/test-env
pull: always

4
Makefile

@ -333,7 +333,7 @@ checks: checks-frontend checks-backend
checks-frontend: lockfile-check svg-check
.PHONY: checks-backend
checks-backend: tidy-check swagger-check fmt-check misspell-check swagger-validate
checks-backend: tidy-check swagger-check fmt-check misspell-check swagger-validate security-check
.PHONY: lint
lint: lint-frontend lint-backend
@ -745,7 +745,7 @@ generate-go: $(TAGS_PREREQ)
.PHONY: security-check
security-check:
govulncheck -v ./...
go run $(GOVULNCHECK_PACKAGE) -v ./...
$(EXECUTABLE): $(GO_SOURCES) $(TAGS_PREREQ)
CGO_CFLAGS="$(CGO_CFLAGS)" $(GO) build $(GOFLAGS) $(EXTRA_GOFLAGS) -tags '$(TAGS)' -ldflags '-s -w $(LDFLAGS)' -o $@

Loading…
Cancel
Save