From 1e5ab061cde58b0d93c8b2cfae88206c209bd951 Mon Sep 17 00:00:00 2001
From: Geri Jennings <geri.jennings@cyberark.com>
Date: Fri, 11 Sep 2020 17:03:07 -0400
Subject: [PATCH] Update GoSec to run only on branch builds

It errors if it runs on a tag build, because it's set up to only run on branches.
---
 .gitignore  | 1 +
 Jenkinsfile | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/.gitignore b/.gitignore
index d278fb33d..7d7f3eff3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,6 +10,7 @@ bench.*
 debug
 debug.*
 dist
+gosec.output
 run
 tmp
 vendor
diff --git a/Jenkinsfile b/Jenkinsfile
index 5c47aee27..b3a04d969 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -78,6 +78,11 @@ pipeline {
         }
 
         stage('Scan For Security with Gosec') {
+          // Gosec only works on branch builds
+          when {
+            not { tag "v*" }
+          }
+
           steps {
             sh "./bin/check_golang_security -s High -c Medium -b ${env.BRANCH_NAME}"
             junit(allowEmptyResults: true, testResults: 'gosec.output')