action.yml - govulncheck-action - Git at Google

 name: 'golang-govulncheck-action'
 description: 'Run govulncheck'
 inputs:
   go-version-input: # version of Go to use for govulncheck
     description: 'Version of Go to use for govulncheck'
     required: false
     default: 'stable'
   check-latest:
     description: 'Set this option to true if you want the action to always check for the latest available Go version that satisfies the version spec'
     required: false
     default: true
   cache:
     description: 'Used to specify whether Go caching is needed. Set to true, if you would like to enable caching.'
     required: false
     default: true
   go-package:
     description: 'Go Package to scan with govulncheck'
     required: false
     default: './...'
   work-dir:
     description: 'Directory in which to run govulncheck'
     required: false
     default: '.'
   repo-checkout:
     description: "Checkout the repository"
     required: false
     default: true
   go-version-file:
     description: 'Path to the go.mod or go.work file.'
     required: false
   output-format:
     description: 'The format of the output'
     required: false
     default: 'text'
   output-file:
     description: 'The file to which the govulncheck output is saved'
     required: false
     default: ''
 runs:
   using: "composite"
   steps:
     - if: inputs.repo-checkout != 'false' # only explicit false prevents repo checkout
       uses: actions/checkout@v4.1.1
     - uses: actions/setup-go@v5.0.0
       with:
         go-version: ${{ inputs.go-version-input }}
         check-latest: ${{ inputs.check-latest }}
         go-version-file: ${{ inputs.go-version-file }}
         cache: ${{ inputs.cache }}
     - name: Install govulncheck
       run: go install golang.org/x/vuln/cmd/govulncheck@latest
       shell: bash
     - if: inputs.output-file == ''
       name: Run govulncheck
       run: govulncheck -C ${{ inputs.work-dir }} -format ${{ inputs.output-format }} ${{ inputs.go-package }}
       shell: bash
     - if: inputs.output-file != ''
       name: Run govulncheck and save to file
       run: govulncheck -C ${{ inputs.work-dir }} -format ${{ inputs.output-format }} ${{ inputs.go-package }} > ${{ inputs.output-file }}
       shell: bash
	name: 'golang-govulncheck-action'
	description: 'Run govulncheck'
	inputs:
	go-version-input: # version of Go to use for govulncheck
	description: 'Version of Go to use for govulncheck'
	required: false
	default: 'stable'
	check-latest:
	description: 'Set this option to true if you want the action to always check for the latest available Go version that satisfies the version spec'
	required: false
	default: true
	cache:
	description: 'Used to specify whether Go caching is needed. Set to true, if you would like to enable caching.'
	required: false
	default: true
	go-package:
	description: 'Go Package to scan with govulncheck'
	required: false
	default: './...'
	work-dir:
	description: 'Directory in which to run govulncheck'
	required: false
	default: '.'
	repo-checkout:
	description: "Checkout the repository"
	required: false
	default: true
	go-version-file:
	description: 'Path to the go.mod or go.work file.'
	required: false
	output-format:
	description: 'The format of the output'
	required: false
	default: 'text'
	output-file:
	description: 'The file to which the govulncheck output is saved'
	required: false
	default: ''
	runs:
	using: "composite"
	steps:
	- if: inputs.repo-checkout != 'false' # only explicit false prevents repo checkout
	uses: actions/checkout@v4.1.1
	- uses: actions/setup-go@v5.0.0
	with:
	go-version: ${{ inputs.go-version-input }}
	check-latest: ${{ inputs.check-latest }}
	go-version-file: ${{ inputs.go-version-file }}
	cache: ${{ inputs.cache }}
	- name: Install govulncheck
	run: go install golang.org/x/vuln/cmd/govulncheck@latest
	shell: bash
	- if: inputs.output-file == ''
	name: Run govulncheck
	run: govulncheck -C ${{ inputs.work-dir }} -format ${{ inputs.output-format }} ${{ inputs.go-package }}
	shell: bash
	- if: inputs.output-file != ''
	name: Run govulncheck and save to file
	run: govulncheck -C ${{ inputs.work-dir }} -format ${{ inputs.output-format }} ${{ inputs.go-package }} > ${{ inputs.output-file }}
	shell: bash