action.yml

name: 'golang-govulncheck-action'
description: 'Run govulncheck'
inputs:
  go-version-input:  # version of Go to use for govulncheck
    description: 'Version of Go to use for govulncheck'
    required: false
    default: '>=1.19.0'
  check-latest:
    description: 'Set this option to true if you want the action to always check for the latest available Go version that satisfies the version spec'
    required: false
    default: false
  cache:
    description: 'Used to specify whether Go caching is needed. Set to true, if you would like to enable caching.'
    required: false
    default: true
  go-package:
    description: 'Go Package to scan with govulncheck'
    required: false
    default: './...'
runs:
  using: "composite"
  steps:
    - uses: actions/checkout@v3
    - uses: actions/setup-go@v4.0.0
      with:
        go-version: ${{ inputs.go-version-input }}
        check-latest: ${{ inputs.check-latest }}
        cache: ${{ inputs.cache }}
    - name: Install govulncheck
      run: go install golang.org/x/vuln/cmd/govulncheck@latest
      shell: bash
    - name: Run govulncheck
      run: govulncheck ${{ inputs.go-package }}
      shell: bash