From 6b4637c19d9978a0a14c24ee2a8a9324246e2fa7 Mon Sep 17 00:00:00 2001
From: Levin Fritz <levin.fritz@gmail.com>
Date: Fri, 20 Oct 2023 16:33:22 +0200
Subject: [PATCH] templates/basic: run govulncheck weekly (#7)

---
 .../basic/.github/workflows/vulncheck.yaml    | 20 +++++++++++++++++++
 templates/basic/Makefile                      |  5 +++++
 2 files changed, 25 insertions(+)
 create mode 100644 templates/basic/.github/workflows/vulncheck.yaml

diff --git a/templates/basic/.github/workflows/vulncheck.yaml b/templates/basic/.github/workflows/vulncheck.yaml
new file mode 100644
index 0000000..1434d93
--- /dev/null
+++ b/templates/basic/.github/workflows/vulncheck.yaml
@@ -0,0 +1,20 @@
+name: Vulnerability check
+
+on:
+  schedule:
+    - cron: '0 7 * * 1'  # Weekly on Mondays at 7:00 AM
+
+jobs:
+  test:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: "1.21.3"
+
+      - name: Vulncheck
+        run: make vulncheck
diff --git a/templates/basic/Makefile b/templates/basic/Makefile
index 6a17839..1897cc9 100644
--- a/templates/basic/Makefile
+++ b/templates/basic/Makefile
@@ -52,6 +52,11 @@ mod:
 lint:
 	go run github.com/golangci/golangci-lint/cmd/golangci-lint@$(GOLANGCI_LINT_VERSION) run ./...
 
+## Run vulncheck
+.PHONY: vulncheck
+vulncheck:
+	go run golang.org/x/vuln/cmd/govulncheck@latest ./...
+
 ## generates coverage report
 .PHONY: test/coverage
 test/coverage: