praetorian-inc / gokart

A static analysis tool for securing Go code
Apache License 2.0

Support to gokart in github actions marketplace #25

Open renanpalmeira opened 3 years ago

renanpalmeira commented 3 years ago

Hey hey, do you have any plans to create a gokart action for us to use in GitHub Actions?

I'm testing gokart, I'm finding it really cool, and I'd like to add it to GitHub Actions with an action very similar to gosec; hence my question.

thanks 😊

isp1r0 commented 3 years ago

Thanks for your interest and test driving @renanpalmeira! While support for GitHub actions is not currently on our list of fast-follow features, the creation and use of SARIF absolutely is!

Once we have SARIF output properly supported, it should be an easy lift to create a GitHub action around it. Please keep an eye on the repo over the next couple weeks for new releases.

renanpalmeira commented 3 years ago

OWO, very cool! I'll follow up. About material on SARIF: I don't know much about this topic, so if you have links that can help to understand it and are able to share them... I'm reading about it here on Google, but sometimes you have some material that you recommend. Do you have any recommendations?

dwisiswant0 commented 3 years ago

I've made this! Please try it out: https://github.com/kitabisa/gokart-action

Jeeppler commented 2 years ago

@isp1r0 is there any update on the SARIF support? Do you plan to support taxonomies in your SARIF report?