Use common workflows (#668)

Use common workflows defined in dell/common-github-actions and remove redundant workflows
* disabling G115 with a comment in code

.github/workflows/actions.yml

@@ -5,16 +5,6 @@ on:
   pull_request:
     branches: ["**"]
 jobs:
-  code-check:
-    name: Check Go formatting, linting, vetting
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the code
-        uses: actions/checkout@v4
-      - name: Run the formatter, linter, and vetter
-        uses: dell/common-github-actions/go-code-formatter-linter-vetter@main
-        with:
-          directories: ./...
   # Removing forbidden checks for now. Todo - maintain consistency across platforms
   #sanitize:
   #  name: Check for forbidden words
@@ -67,39 +57,7 @@ jobs:
         with:
           threshold: 90
           test-folder: "pkg/modules/"
-  go_security_scan:
-    name: Go security
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the code
-        uses: actions/checkout@v4
-      - name: Run Go Security
-        uses: securego/gosec@master
-        with:
-          args: -exclude-dir=tests -exclude=G101 ./...
-  malware_security_scan:
-    name: Malware Scanner
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the code
-        uses: actions/checkout@v4
-      - name: Run malware scan
-        uses: dell/common-github-actions/malware-scanner@main
-        with:
-          directories: .
-          options: -ri
-  yaml_lint_scan:
-    name: Run Yaml Lint
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout the code
-        uses: actions/checkout@v4
-      - name: setup python
-        uses: actions/setup-python@v5
-        with:
-          python-version: "3.12"
-      - run: pip install yamllint
-      - run: yamllint .
+
   image_security_scan:
     name: Image Scanner
     runs-on: ubuntu-latest

.github/workflows/common-workflows.yaml

@@ -0,0 +1,13 @@
+name: Workflow
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: ["**"]
+
+jobs:
+
+  # golang static analysis checks
+  go-static-analysis:
+    uses: dell/common-github-actions/.github/workflows/go-static-analysis.yaml@main
+    name: Golang Validation

Makefile

@@ -1,5 +1,6 @@
 include docker.mk
 
+
 # CHANNELS define the bundle channels used in the bundle.
 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")
 # To re-generate a bundle for other specific channels without changing the standard setup, you can:
@@ -84,6 +85,20 @@ driver-unit-test:
 module-unit-test:
 	go clean -cache && go test -v -coverprofile=c.out github.com/dell/csm-operator/pkg/modules
 
+.PHONY: actions
+actions: ## Run all the github action checks that run on a pull_request creation
+	act -l | grep -v ^Stage | grep pull_request | grep -v image_security_scan | awk '{print $$2}' | while read WF; do act pull_request --no-cache-server --platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest --job "$${WF}"; done
+
+.PHONY: check
+check: ## Echo instructions to run one specific workflow locally
+	@echo "GitHub Workflows can be run locally with the following command:"
+	@echo "act pull_request --no-cache-server --platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest --job <jobid>"
+	@echo
+	@echo "Where '<jobid>' is a Job ID returned by the command:"
+	@echo "act -l"
+	@echo
+	@echo "NOTE: if act if not installed, it can be from https://github.com/nektos/act"
+
 ##@ Build
 
 tidy:

csm-operator.code-workspace

@@ -0,0 +1,7 @@
+{
+	"folders": [
+		{
+			"path": "."
+		}
+	]
+}

pkg/modules/authorization.go

@@ -738,6 +738,8 @@ func authorizationStorageServiceV2(ctx context.Context, isDeleting bool, cr csmv
 		}
 	}
 
+	// conversion to int32 is safe for a value up to 2147483647
+	// #nosec G115
 	deployment := getStorageServiceScaffold(cr.Name, cr.Namespace, image, int32(replicas))
 
 	// set vault volumes