First attempt using intel/cve-bin-tool-action to scan for CVE on push.

ActiveState · Aug 26, 2024 · 6bc5cd1 · 6bc5cd1
1 parent cc37a2a
commit 6bc5cd1
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -0,0 +1,20 @@
+name: CVE scanner
+on:
+  push:
+
+jobs:
+  build_and_scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Install State Tool
+        uses: ActiveState/setup-state-tool@v1
+
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.22.x
+
+      - name: Build and scan
+        uses: intel/cve-bin-tool-action@main
+        with:
+          build_command: state run preprocess && state run build