This Pipelines Task runs Go static code analysis.
Prerequisites
This task requires Go to be installed. If Go is not available, consider using the jfrog/setup-go task to install it.
Usage
Basic:
- task: jfrog/go-static-check@v0.1.0
input:
staticCheckVersion: latest
resourceName: my_gitrepo
sourcePath: src/service
checks: ["all", "-ST1000"]
outputFormat: text Input Variables
Name | Required | Default | Description |
|---|---|---|---|
staticCheckVersion | false | latest | Static check version to be used. If not provided, it will use the latest version. |
resourceName | true |
| GitRepo Resource name to be scanned |
sourcePath | false | . | Path to the Go source code where go.mod file resides. If not provided, it will use the path of the given resource |
checks | false | all | Checks to enable/disable. Add the rules prefix with minus (-) sign for disabling and prefix with plus (+) for enabling. Example: [ |
outputFormat | false | text | Output format: json, yaml, csv, junit-xml, html, sonarqube, golint, sarif or text |
Output Variables
None
Exported Environment Variables
None
How does it work?
This task installs the static analysis tool from honnef.co/go/tools/cmd/staticcheck and runs it at the source code location with the parameters specified in the task's inputs.
License
This project is licensed under Apache 2.0 license.