Merge pull request #421 from sge-network/release/v1.7.x #795

	name: Run Gosec
	on:
	push:
	paths:
	- "*/.go"
	- "go.mod"
	- "go.sum"
	branches:
	- master
	pull_request:
	paths:
	- "*/.go"
	- "go.mod"
	- "go.sum"
	branches:
	- master
	jobs:
	tests:
	permissions:
	security-events: write

	runs-on: ubuntu-latest
	env:
	GO111MODULE: on
	steps:
	- name: Checkout Source
	uses: actions/checkout@v3

	- name: Run Gosec Security Scanner
	uses: securego/gosec@master
	with:
	# we let the report trigger content trigger a failure using the GitHub Security features.
	args: "-no-fail -fmt sarif -out results.sarif ./..."

	- name: Upload SARIF file
	uses: github/codeql-action/upload-sarif@v2
	with:
	# Path to SARIF file relative to the root of the repository
	sarif_file: results.sarif

Provide feedback