name: Code Scanners
on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master

permissions:
  contents: read

env:
  go_version: "1.22.8"


jobs:
  security_scanning:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Source
        uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: ${{ env.go_version }}
          cache: true
      - name: Setup Tools
        run: |
          go install github.com/securego/gosec/v2/cmd/gosec@latest
      - name: Running Scan
        run: gosec --exclude=G402,G304  ./... 
  lint_scanner:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Source
        uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: ${{ env.go_version }}
          cache: true
      - name: Setup Tools
        run: |
          go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest
      - name: Running Scan
        run:  golangci-lint run --timeout=30m  ./...