trufflelintly

Docker GitHub Action to run Trufflehog and then Lintly.

Lintly-trufflehog GitHub Action

A GitHub Action that scans the repo for secrets with Trufflehog then automatically creates pull request reviews if there are any violations.

Usage

To use Lintly-trufflehog GitHub Action, add the following to a GitHub Actions workflow file such as .github/workflows/main.yml:

on: [pull_request]

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: scriptsrc/trufflelintly@main
        with:
          # (Required) The GitHub API token to create reviews with
          token: ${{ secrets.GITHUB_TOKEN }}

          # Fail if "new" violations detected or "any", default "new"
          failIf: new

          # Additional arguments to pass to trufflehog
          args: ""

Now each PR created will be checked for secrets. If there are any violations then Lintly will comment on the PR using the github-actions bot user.

Note: Lintly-CFN-Nag only works with the pull_request event. If your job runs on the push event then make sure the Lintly-CFN-Nag step only runs on the pull request event by adding if: github.event_name == 'pull_request':

      - uses: scriptsrc/trufflelintly@main
        if: github.event_name == 'pull_request'
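
The two snippets above combined into one complete workflow that triggers on both push and pull_request. This is an added example, not taken from the trufflelintly repository; the permissions block, which limits the GITHUB_TOKEN the action receives, is an assumption about the scopes needed to create reviews.

```yaml
# Added example, not part of the original README.
on: [push, pull_request]

# Assumption: creating pull request reviews needs pull-requests: write and
# reading the checked-out code needs contents: read. Add further scopes only
# if a run fails with a permission error.
permissions:
  contents: read
  pull-requests: write

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: scriptsrc/trufflelintly@main
        # Skip this step on push events; it only works on pull_request
        if: github.event_name == 'pull_request'
        with:
          # (Required) The GitHub API token to create reviews with
          token: ${{ secrets.GITHUB_TOKEN }}
          # Fail if "new" violations detected or "any", default "new"
          failIf: new
          # Additional arguments to pass to trufflehog
          args: ""
```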
