aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.github/scripts/prescan-go-coverage-ubuntu.sh12
-rw-r--r--.github/workflows/security-audits.yaml17
2 files changed, 22 insertions, 7 deletions
diff --git a/.github/scripts/prescan-go-coverage-ubuntu.sh b/.github/scripts/prescan-go-coverage-ubuntu.sh
new file mode 100644
index 0000000..f7e9d55
--- /dev/null
+++ b/.github/scripts/prescan-go-coverage-ubuntu.sh
@@ -0,0 +1,12 @@
+# SPDX-License-Identifier: Apache-2.0
+# SPDX-FileCopyrightText: 2025 The Linux Foundation
+
+#!/bin/bash
+echo "--> prescan-go-coverage-ubuntu.sh"
+
+set -ex
+
+# Test and coverage
+go test -p 1 ./... -coverprofile=coverage.out
+
+echo "--> prescan-go-coverage-ubuntu.sh ends"
diff --git a/.github/workflows/security-audits.yaml b/.github/workflows/security-audits.yaml
index 77c7534..0160ed8 100644
--- a/.github/workflows/security-audits.yaml
+++ b/.github/workflows/security-audits.yaml
@@ -26,18 +26,18 @@ on:
permissions: {}
jobs:
- sonatype-lifecycle:
- name: "Sonatype Lifecycle"
- # yamllint disable-line rule:line-length
- uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7
- secrets:
- NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }}
+ #sonatype-lifecycle:
+ # name: "Sonatype Lifecycle"
+ # # yamllint disable-line rule:line-length
+ # uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7
+ # secrets:
+ # NEXUS_IQ_PASSWORD: ${{ secrets.NEXUS_IQ_PASSWORD }}
# Scan results are found at: https://sonarcloud.io/login
sonarqube-cloud:
name: "SonarQube Cloud"
# yamllint disable-line rule:line-length
- uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonarqube-cloud.yaml@83e3ea0dcbfb1e8c707b0284ae7e7c376b0e27d4 # v0.2.7
+ uses: lfit/releng-reusable-workflows/.github/workflows/reuse-sonarqube-cloud.yaml@ac846b1cfeaf3a7cac6f28413a5206afc9951464 # v0.2.11
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
@@ -48,3 +48,6 @@ jobs:
# actions: read
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+ with:
+ BUILD_WRAPPER_URL: https://raw.githubusercontent.com/onap/policy-opa-pdp/refs/heads/master/.github/scripts/prescan-go-coverage-ubuntu.sh
+ BUILD_WRAPPER_OUT_DIR: .