CloudBees action: Scan Go code with Gosec

1 minute read

Use this action to perform static application security testing (SAST) on Go repositories with the open-source Golang Security Checker (Gosec). Gosec inspects Go code for security problems by scanning the AST and SSA code representation.

All CloudBees action repositories are listed at CloudBees, Inc. on GitHub.

Inputs

Table 1. Input details
Input name Data type Required? Description

ref

String

No

The ref of the code to be scanned.

workspace-dir

String

No

The path of the code to be scanned.

Usage example

In your YAML file, add:

- name: Scan with Gosec uses: cloudbees-io/gosec-plugin@v1