This is an automated email from the ASF dual-hosted git repository.
tianxiaoliang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/servicecomb-mesher.git
The following commit(s) were added to refs/heads/master by this push:
new c3d75bf Add gosec check. (#65)
c3d75bf is described below
commit c3d75bf9f33332e536aaa1ba503610b7a9ffe3ae
Author: surechen <[email protected]>
AuthorDate: Mon Aug 19 20:33:13 2019 +0800
Add gosec check. (#65)
* Add gosec check.
Signed-off-by: surechen <[email protected]>
* Edit goSecureChecker.sh.
Signed-off-by: surechen <[email protected]>
* Edit log info.
Signed-off-by: surechen <[email protected]>
---
.travis.yml | 4 ++++
scripts/travis/goSecureChecker.sh | 25 +++++++++++++++++++++++++
2 files changed, 29 insertions(+)
diff --git a/.travis.yml b/.travis.yml
index ceef0b8..53e9d90 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -41,6 +41,10 @@ jobs:
script:
- go get github.com/fzipp/gocyclo
- bash -x scripts/travis/goCycloChecker.sh
+ - stage: GoSecure Checker
+ script:
+ - go get github.com/securego/gosec/cmd/gosec
+ - bash -x scripts/travis/goSecureChecker.sh
- stage: Build
script:
- GO111MODULE=on go mod download
diff --git a/scripts/travis/goSecureChecker.sh
b/scripts/travis/goSecureChecker.sh
new file mode 100644
index 0000000..84e8204
--- /dev/null
+++ b/scripts/travis/goSecureChecker.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+issueCount=$(gosec ./... | grep "Issues" |awk -F":" '{print $2}')
+if [ $? == 0 ] && [[ $issueCount -eq 0 ]] ; then
+ echo "No GoSecure warnings found"
+ exit 0
+else
+ echo "GoSecure Warnings found"
+ exit 1
+fi
+
