diff --git a/.github/workflows/golangci.yml b/.github/workflows/golangci.yml index 668bb59e..2ab15717 100644 --- a/.github/workflows/golangci.yml +++ b/.github/workflows/golangci.yml @@ -5,7 +5,8 @@ on: pull_request: branches: [ main ] -permissions: read-all +permissions: + contents: read jobs: lint: @@ -15,10 +16,11 @@ jobs: matrix: os: [ ubuntu-latest ] steps: - - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v2.4.0 - - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 #v2.1.5 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 + - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: - go-version: '1.18' - - uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 + go-version-file: go.mod + cache: false # golangci/golangci-lint-action maintains its own cache + - uses: golangci/golangci-lint-action@5f1fec7010f6ae3b84ea4f7b2129beb8639b564f # v3.5.0 with: only-new-issues: true diff --git a/.golangci.yml b/.golangci.yml index 47950455..ce3e983e 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -18,14 +18,11 @@ issues: # Default: 3 max-same-issues: 0 new-from-rev: "" - # Fix found issues (if it's supported by the linter). - fix: true linters: disable-all: true enable: - asciicheck - bodyclose - - depguard - dogsled - errcheck - errorlint @@ -62,7 +59,6 @@ linters: - rowserrcheck - sqlclosecheck - staticcheck - - structcheck - stylecheck - thelper - tparallel diff --git a/Dockerfile b/Dockerfile index 2214a355..24a4f1b8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -36,7 +36,7 @@ ARG TARGETARCH RUN CGO_ENABLED=0 make build # Need root for GitHub Actions support -FROM gcr.io/distroless/base@sha256:df13a91fd415eb192a75e2ef7eacf3bb5877bb05ce93064b91b83feef5431f37 +FROM gcr.io/distroless/base@sha256:73deaaf6a207c1a33850257ba74e0f196bc418636cada9943a03d7abea980d6d COPY --from=build /src/scorecard-action / COPY policies/template.yml /policy.yml ENTRYPOINT [ "/scorecard-action" ]