Gosec (#387)

#### What this PR does / why we need it see: open-component-model/ocm-project#270 #### Which issue(s) this PR fixes fixes https://github.com/open-component-model/ocm-project/issues/383
open-component-model · Jan 30, 2025 · 871583c · 871583c
1 parent b439fdb
commit 871583c
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/.github/workflows/code-scan.yml b/.github/workflows/code-scan.yml
@@ -0,0 +1,20 @@
+name: "Code scanning"
+
+on:
+  push:
+    branches: ["main"]
+  pull_request:
+    branches: ["main"]
+  schedule:
+    - cron: "26 14 * * 2"
+
+jobs:
+  gosec:
+    permissions:
+      # Required to upload SARIF files
+      security-events: write
+      # for actions/checkout to fetch code
+      contents: read
+    # call reusable workflow from central '.github' repo
+    uses: open-component-model/.github/.github/workflows/code-scan.yml@main
+    secrets: inherit
diff --git a/content/docs/tutorials/best-practices-with-ocm.md b/content/docs/tutorials/best-practices-with-ocm.md
@@ -128,7 +128,7 @@ Helm chart assume the following folder structure. The example is built using con
 The Dockerfile has the following content:
 
 ```Dockerfile
-FROM golang:1.22 as build
+FROM golang:1.23.5 as build
 
 WORKDIR /go/src/app
 COPY . .