[OP-2035] Added govulncheck (#21) #12

	# SPDX-FileCopyrightText: 2023 Risk.Ident GmbH <[email protected]>
	#
	# SPDX-License-Identifier: CC0-1.0

	name: govulncheck

	on:
	push:
	branches:
	- main
	pull_request:
	schedule:
	- cron: 0 8 * * 1 # 08:00 on mondays

	jobs:
	govulncheck:
	runs-on: ubuntu-latest
	name: Run govulncheck
	steps:
	- uses: actions/checkout@v3

	- name: Get Go version
	id: goversion
	run: echo "version=$(grep '^go ' go.mod \| grep --only-matching '[0-9.]*')" >> $GITHUB_OUTPUT

	- id: govulncheck
	uses: golang/govulncheck-action@v1
	with:
	go-version-input: ">=${{ steps.goversion.outputs.version }}.0"
	go-package: ./...

	- name: Send Slack message
	uses: slackapi/[email protected]
	if: ${{ failure() && steps.govulncheck.conclusion == 'failure' && github.ref == 'refs/heads/main' }}
	with:
	payload: \|
	{
	"blocks": [
	{
	"type": "header",
	"text": {
	"type": "plain_text",
	"text": "govulncheck",
	"emoji": true
	}
	},
	{
	"type": "section",
	"text": {
	"type": "mrkdwn",
	"text": "Vulnerabilities in <${{ github.server_url }}/${{ github.repository }}\|${{ github.repository }}> was found by govulncheck on ${{ github.ref_type }} <${{ github.event.pull_request.html_url \|\| github.event.head_commit.url }}\|${{ github.head_ref \|\| github.ref_name }}>"
	}
	},
	{
	"type": "context",
	"elements": [
	{
	"type": "mrkdwn",
	"text": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\|${{ github.workflow_ref }}>"
	}
	]
	}
	]
	}
	env:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
	SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK

Provide feedback