From a9ab4118a40f46e282c502d6080359648f5c674e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thor=20Anker=20Kvisg=C3=A5rd=20Lange?=
Date: Fri, 25 Apr 2025 13:21:32 +0200
Subject: [PATCH 1/2] feat: Adding 'govulncheck' to vuln-scan job
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Thor Anker Kvisgård Lange
---
 .github/workflows/go-ci.yaml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/.github/workflows/go-ci.yaml b/.github/workflows/go-ci.yaml
index 10f012a..182ddfd 100644
--- a/.github/workflows/go-ci.yaml
+++ b/.github/workflows/go-ci.yaml
@@ -125,3 +125,7 @@ jobs:
 exit-code: "1"
 ignore-unfixed: true
 vuln-type: "library"
+ - name: Run govulncheck
+ uses: golang/govulncheck-action@v1
+ with:
+ go-version-file: go.mod
From da5caf2dc0e27b25021bb3f6c9fbda2b141fe313 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thor=20Anker=20Kvisg=C3=A5rd=20Lange?=
Date: Fri, 25 Apr 2025 14:39:48 +0200
Subject: [PATCH 2/2] fix: :bug: Support for private go modules in govulncheck
---
 .github/workflows/go-ci.yaml | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/.github/workflows/go-ci.yaml b/.github/workflows/go-ci.yaml
index f97ebea..2836440 100644
--- a/.github/workflows/go-ci.yaml
+++ b/.github/workflows/go-ci.yaml
@@ -104,6 +104,8 @@ jobs:
 vuln-scan:
 runs-on: ubuntu-latest
+ env:
+ GOPRIVATE: "${{ inputs.go-private }}"
 steps:
 - name: Checkout code
 uses: actions/checkout@v4
@@ -115,6 +117,11 @@ jobs:
 exit-code: "1"
 ignore-unfixed: true
 vuln-type: "library"
+
+ - name: Setup private repository access
+ if: inputs.go-private != ''
+ run: git config --global url."https://${{ secrets.gh_username }}:${{ secrets.gh_token }}@github.com".insteadOf "https://github.com"
+
 - name: Run govulncheck
 uses: golang/govulncheck-action@v1
 with:
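Review bot: The new `Run govulncheck` step in PATCH 1/2 references `golang/govulncheck-action@v1`, a mutable tag, so the code executed in this job can change without any change to the workflow; pinning it to a full commit SHA, e.g. `uses: golang/govulncheck-action@<full-commit-sha> # v1`, keeps the scanner itself reviewable. The step is also placed after the Trivy step whose context lines show `exit-code: "1"`, so a Trivy finding presumably ends the job before govulncheck runs; adding `if: ${{ !cancelled() }}` to the step would let both scanners report in the same run. The `vuln-scan` job starts outside this hunk.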
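Review bot: `GOPRIVATE` in the first hunk of PATCH 2/2 is taken verbatim from `inputs.go-private`, and in Go this variable is also the default for `GONOPROXY` and `GONOSUMDB`, so every module matching the pattern skips the proxy and checksum-database verification. The input's definition is outside the hunk; if it is not documented there, a comment above the `env:` key such as `# go-private: narrow glob for your own modules only, e.g. github.com/<org>/*; matching modules bypass the Go proxy and sum.golang.org` would steer callers away from overly broad patterns.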
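Review bot: The `run:` line of the new `Setup private repository access` step in the second hunk of PATCH 2/2 expands `${{ secrets.gh_username }}` and `${{ secrets.gh_token }}` into the script text before the shell parses it, so a `$`, backtick or `"` in either value is interpreted inside the double-quoted URL; passing both through `env:` and referencing shell variables avoids that. The rewrite also leaves the credential in plaintext in the global git config for the rest of the job, where the following `golang/govulncheck-action@v1` step can read it, and it applies to every github.com fetch rather than only the private ones; narrowing the `insteadOf` prefix to `https://github.com/<org>/` would limit where the token is sent. The `if:` guard checks only `inputs.go-private`, so with the secrets unset the URL presumably becomes `https://:@github.com` and public fetches would be affected as well.

```yaml
      - name: Setup private repository access
        if: inputs.go-private != ''
        env:
          GH_USERNAME: "${{ secrets.gh_username }}"
          GH_TOKEN: "${{ secrets.gh_token }}"
        run: git config --global url."https://${GH_USERNAME}:${GH_TOKEN}@github.com".insteadOf "https://github.com"
```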