From 8c75c153e7222f6b6e8475b8d5f12bd9d2fa329b Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 11:23:48 -0500 Subject: [PATCH 1/7] feat: bump Go and GoKart versions --- Dockerfile | 6 +++--- entrypoint.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index b2ae05d..6e7ded9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.16-alpine +FROM golang:1.19-alpine LABEL com.github.actions.color="green" LABEL com.github.actions.description="Scan your code with GoKart to finds vulnerabilities using the SSA (single static assignment) form of Go source code." @@ -6,12 +6,12 @@ LABEL com.github.actions.icon="check" LABEL com.github.actions.name="GoKart Scanner" LABEL description="Integrate GoKart security static analysis to GitHub Actions" LABEL maintainer="dwisiswant0" -LABEL repository="https://github.com/kitabisa/gokart-action" +LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 RUN \ - go install github.com/praetorian-inc/gokart@${version} && \ + go install github.com/selesy/gokart-pre && \ apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint RUN chmod +x /bin/entrypoint diff --git a/entrypoint.sh b/entrypoint.sh index b3ba20c..c3eb7f6 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -e From 70aa619a1e59a1dacbfd4a0745d5b6f5fb689aef Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 11:33:42 -0500 Subject: [PATCH 2/7] refactor: split GoKart and findutils installation --- Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6e7ded9..3509a40 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,10 +10,9 @@ LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 -RUN \ - go install github.com/selesy/gokart-pre && \ - apk add --no-cache bash findutils +RUN go install github.com/selesy/gokart-pre +RUN apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint RUN chmod +x /bin/entrypoint -ENTRYPOINT ["/bin/entrypoint"] \ No newline at end of file +ENTRYPOINT ["/bin/entrypoint"] From 0781a72c78aabb587e4e28ea91c11e6d341b62a6 Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 11:44:17 -0500 Subject: [PATCH 3/7] fix: install requires a version if not in a Go module --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3509a40..49d2094 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 -RUN go install github.com/selesy/gokart-pre +RUN go install github.com/selesy/gokart-pre@latest RUN apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint RUN chmod +x /bin/entrypoint From 967dccdc23590eb067f1a340fa2384b67d880c24 Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 11:49:27 -0500 Subject: [PATCH 4/7] fix: install requires a version if not in a Go module --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 49d2094..d2618b8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,7 @@ LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 -RUN go install github.com/selesy/gokart-pre@latest +RUN go install github.com/selesy/gokart-pre@v0.5.2-rc1 RUN apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint RUN chmod +x /bin/entrypoint From bdf348f2d31b1cf9f37c2e2dc9c35196b3a46bf9 Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 15:36:51 -0500 Subject: [PATCH 5/7] build: add dummy Go module --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index d2618b8..ce695c2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,6 +10,7 @@ LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 +RUN go mod init example.com/junk RUN go install github.com/selesy/gokart-pre@v0.5.2-rc1 RUN apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint From ee9d18910380b38b576d394be109ab32e16b360a Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 15:57:34 -0500 Subject: [PATCH 6/7] build: create dummy Go module --- Dockerfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ce695c2..247b77b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,8 +10,13 @@ LABEL repository="https://github.com/selesy/gokart-action" ARG version="v0.2.0" ENV CGO_ENABLED=0 +WORKDIR / +RUN mkdir junk +WORKDIR /junk RUN go mod init example.com/junk -RUN go install github.com/selesy/gokart-pre@v0.5.2-rc1 +RUN go mod tidy +RUN go get github.com/selesy/gokart-pre@v0.5.2-rc1 +RUN go install github.com/selesy/gokart-pre RUN apk add --no-cache bash findutils COPY entrypoint.sh /bin/entrypoint RUN chmod +x /bin/entrypoint From 362ced7c621d87fbbdff5097af64d7872135b9eb Mon Sep 17 00:00:00 2001 From: Steve Moyer Date: Tue, 3 Jan 2023 16:02:58 -0500 Subject: [PATCH 7/7] fix: GoKart binary is now gokart-pre --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index c3eb7f6..ee1d613 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -7,7 +7,7 @@ if [[ ! -f "${INPUT_DIRECTORY}/go.mod" ]] || [[ $(find "${INPUT_DIRECTORY}" -nam exit 1 fi -CMD="/go/bin/gokart scan ${INPUT_DIRECTORY}" +CMD="/go/bin/gokart-pre scan ${INPUT_DIRECTORY}" CMD+=" -s -o ${INPUT_OUTPUT}" [[ ! -z ${INPUT_INPUT} ]] && CMD+=" -i ${INPUT_INPUT}" [[ ! -z ${INPUT_GLOBALSTAINTED} ]] && CMD+=" -g"