Updated workflow

DataDog · Dec 1, 2022 · 76103cf · 76103cf
1 parent 22bd20b
commit 76103cf
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 34 deletions.
diff --git a/.github/workflows/govulncheck.sh b/.github/workflows/govulncheck.sh
@@ -1,6 +1,12 @@
-govulncheck $CHECK_DIR >> ddtrace_results.txt
-if [ $(cat ddtrace_results.txt | grep "Vulnerability #" | wc -l) -gt 0 ]; then
-  echo "Found ${num} vulnerabilities"
-  echo $(cat ddtrace_results.txt | grep "Vulnerability #")
+govulncheck ./ddtrace/... >> results.txt
+govulncheck ./appsec//... >> results.txt
+govulncheck ./internal/... >> results.txt
+govulncheck ./contrib/... >> results.txt
+govulncheck ./profiler/... >> results.txt
+
+results=$(cat results.txt | grep -Eo '\w+-\d+-\d+' | uniq)
+if [ $(echo $results | wc -l) -gt 0 ]; then
+  echo "Found these vulnerabilities:"
+  echo $results
   exit 1
 fi
diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml
@@ -26,33 +26,16 @@ jobs:
       - name: Run govulncheck in ddtrace
         env:
           $CHECK_DIR: ./ddtrace/...
-          run: .github/workflows/govulncheck.sh
-#        run: |
-#          govulncheck ./ddtrace/... >> ddtrace_results.txt
-#          if [ $(cat ddtrace_results.txt | grep "Vulnerability #" | wc -l) -gt 0 ]; then
-#            echo "Found ${num} vulnerabilities"
-#            echo $(cat ddtrace_results.txt | grep "Vulnerability #")
-#            exit 1
-#          fi
-#      - name: Run govulncheck in appsec
-#        if: always()
-#        run: |
-#          govulncheck ./ddtrace/... >> ddtrace_results.txt
-#          if [ $(cat ddtrace_results.txt | grep "Vulnerability #" | wc -l) -gt 0 ]; then
-#            echo "Found ${num} vulnerabilities"
-#            echo $(cat ddtrace_results.txt | grep "Vulnerability #")
-#            exit 1
-#          fi
-#      - name: Run govulncheck in appsec
-#        if: always()
-#        run: |
-#          govulncheck ./ddtrace/... >> ddtrace_results.txt
-#          if [ $(cat ddtrace_results.txt | grep "Vulnerability #" | wc -l) -gt 0 ]; then
-#            echo "Found ${num} vulnerabilities"
-#            echo $(cat ddtrace_results.txt | grep "Vulnerability #")
-#            exit 1
-#          fi
-
-
-
-
+        run: |
+          govulncheck ./ddtrace/... >> results.txt
+          govulncheck ./appsec//... >> results.txt
+          govulncheck ./internal/... >> results.txt
+          govulncheck ./contrib/... >> results.txt
+          govulncheck ./profiler/... >> results.txt
+          
+          results=$(cat results.txt | grep -Eo '\w+-\d+-\d+' | uniq)
+          if [ $(echo $results | wc -l) -gt 0 ]; then
+           echo "Found these vulnerabilities:"
+           echo $results
+           exit 1
+          fi