actions/talisman-secrets-scan-action
1
0
Fork 0
mirror of https://github.com/carhartl/talisman-secrets-scan-action.git synced 2025-02-06 05:34:11 +00:00
Code Issues Releases Wiki Activity

Merge branch 'main' into test

Browse source
This commit is contained in:
Klaus Hartl 2022-03-10 15:09:03 +01:00
commit b89b8b8ad0
No known key found for this signature in database
GPG key ID: 6BA8AED91AB6EA2A
5 changed files with 9 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/main.yml vendored
View file

@ -14,5 +14,3 @@ jobs:
fetch-depth: 0 # Ensure Talisman can operate on a valid revision range fetch-depth: 0 # Ensure Talisman can operate on a valid revision range
- name: Test action - name: Test action
uses: ./ uses: ./
with:
remote-sha: 89df42eb70ebff472b384403e6b17e44391eba79

3
.talismanrc Normal file
View file

@ -0,0 +1,3 @@
fileignoreconfig:
- filename: README.md
checksum: db50071255cfd6687a9011c05ef82c985afb25942a6537a839e30e8225445d72

6
Dockerfile
View file

@ -1,8 +1,8 @@
FROM alpine:3.13.6 FROM ubuntu:20.04
RUN apk update && apk add git RUN apt update && apt install -y git
ADD ["https://github.com/thoughtworks/talisman/releases/download/v1.22.0/talisman_linux_amd64", "/talisman"] ADD ["https://github.com/thoughtworks/talisman/releases/download/v1.25.0/talisman_linux_amd64", "/talisman"]
RUN chmod +x /talisman RUN chmod +x /talisman
COPY entrypoint.sh /entrypoint.sh COPY entrypoint.sh /entrypoint.sh

6
README.md
View file

@ -7,12 +7,12 @@ This action uses [Talisman](https://thoughtworks.github.io/talisman/) to scan th
```yml ```yml
steps: steps:
- name: Detect secrets with Talisman in incoming commits - name: Detect secrets with Talisman in incoming commits
uses: carhartl/talisman-secrets-scan-action@v1.0 uses: carhartl/talisman-secrets-scan-action@v1.0.1
``` ```
## Caveat ## Caveat
When using this along with the `actions/checkout@v2` step, you'll need to configure it to fetch the entire history: When using this along with the `actions/checkout@v2` step you'll need to configure it to avoid a too shallow clone:
```yml ```yml
- uses: actions/checkout@v2 - uses: actions/checkout@v2
@ -20,7 +20,7 @@ When using this along with the `actions/checkout@v2` step, you'll need to config
fetch-depth: 0 fetch-depth: 0
``` ```
Otherwise you'll run into talisman erroring out while it's trying to execute git with an invalid revision range: Otherwise you may run into Talisman erroring out while it's trying to execute git with an invalid revision range:
``` ```
time="2021-09-19T07:07:32Z" level=fatal msg="Git command execution failed" command="git diff 0c4a631e70056a95df1c235d238a80828e07cf9c..a32a5c7e1a3d250bf18a080a44a764d9b93b9690 --name-only --diff-filter=ACM" dir=/github/workspace error="exit status 128" output="fatal: Invalid revision range 0c4a631e70056a95df1c235d238a80828e07cf9c..a32a5c7e1a3d250bf18a080a44a764d9b93b9690\n" time="2021-09-19T07:07:32Z" level=fatal msg="Git command execution failed" command="git diff 0c4a631e70056a95df1c235d238a80828e07cf9c..a32a5c7e1a3d250bf18a080a44a764d9b93b9690 --name-only --diff-filter=ACM" dir=/github/workspace error="exit status 128" output="fatal: Invalid revision range 0c4a631e70056a95df1c235d238a80828e07cf9c..a32a5c7e1a3d250bf18a080a44a764d9b93b9690\n"

2
password.txt
View file

@ -1,2 +0,0 @@
user=John
password=7FAB324C-585E-4085-874A-161FBA2AEDE8