fix: prevent nil pointer panic when importing social providers #398
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| schedule: | |
| - cron: '26 21 * * 3' | |
| permissions: | |
| contents: read | |
| jobs: | |
| # Static Application Security Testing (SAST) - gosec | |
| gosec: | |
| name: Go Security Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Setup Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run gosec | |
| run: make sec-gosec | |
| # Software Composition Analysis (SCA) - Go vulnerability check | |
| govulncheck: | |
| name: Go Vulnerability Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Setup Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run govulncheck | |
| run: make sec-vuln | |
| # Secret scanning - Gitleaks | |
| gitleaks: | |
| name: Secret Scanning | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run Gitleaks | |
| run: make sec-gitleaks | |
| # Binary artifact scanning - Trivy on built binary | |
| trivy: | |
| name: Binary Vulnerability Scan | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Setup Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Run Trivy | |
| run: make sec-trivy | |
| # Dependency license compliance | |
| licenses: | |
| name: License Check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 | |
| - name: Setup Go | |
| uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 | |
| with: | |
| go-version-file: 'go.mod' | |
| cache: true | |
| - name: Check licenses | |
| run: make licenses |