name: Nancy

permissions: {}

on:
  push:
    branches:
      - '*'
  pull_request:
    branches:
      - 'main'
      - 'release*'

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  nancy:
    runs-on: ubuntu-latest
    name: Nancy
    steps:
      - name: Checkout
        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
      - name: Setup build env
        uses: ./.github/actions/setup-build-env
      - name: WriteGoList
        run: go list -json -m all > go.list
      - name: Nancy SAST Scan
        uses: sonatype-nexus-community/nancy-github-action@726e338312e68ecdd4b4195765f174d3b3ce1533 # v1.0.3