drop setup-go step from govulcheck workflow

[MatousJobanek]

duplicate with the one in composite

Summary by CodeRabbit

• Chores
  • Streamlined the security vulnerability scanning workflow in CI by removing a redundant environment setup step. This reduces pipeline time and maintenance overhead while preserving the existing vulnerability checks and configuration. No user-facing changes or feature impacts. Expect slightly faster and more reliable CI runs with the same coverage for security scanning.

[coderabbitai]

Walkthrough

Removed the Go setup step from the govulncheck GitHub Actions workflow, leaving the govulncheck action invocation unchanged.

Changes

Cohort / File(s)	Change Summary
CI workflow update .github/workflows/govulncheck.yml	Deleted the "Install Go" (actions/setup-go@v5) step; retained "Run govulncheck" with existing inputs (go-version-file: go.mod, cache: false, config: .govulncheck.yaml).

Sequence Diagram(s)

sequenceDiagram
    autonumber
    actor Dev as Developer
    participant GH as GitHub
    participant R as Actions Runner
    participant V as govulncheck Action

    Dev->>GH: Push/PR
    GH-->>R: Trigger workflow (govulncheck)
    R->>R: Checkout repository
    note over R: (Removed) Install Go via setup-go
    R->>V: Run govulncheck (uses go-version-file: go.mod)
    V-->>R: Report results
    R-->>GH: Publish job status

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

I hop through YAML, light on my feet,
A step removed—so tidy, neat.
No boots to fetch, just vuln-check flow,
Carrots cached? No—on we go! 🥕
Pipelines hum, my whiskers twitch—
One less hop, the same fine stitch.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between e5bb9d8 and 6d303ce.

📒 Files selected for processing (1)

• .github/workflows/govulncheck.yml (0 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/govulncheck.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Verify Dependencies

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[xcoulon]

Awesome! 🎉