Skip to content

Scan repository for secrets with basic defaults in place for easy setup.

License

Notifications You must be signed in to change notification settings

UnicornGlobal/trufflehog-actions-scan

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Trufflehog Action

Scan recent commits in repository for secrets with trufflehog.

Usage

steps:
- uses: actions/checkout@v2
- uses: UnicornGlobal/trufflehog-actions-scan@master
  with:
    branch: ${{ github.head_ref }}

This will make sure it only runs on the branch that's been pushed

Upstream

Based on: https://github.com/edplato/trufflehog-actions-scan

Why the changes?

We don't want to add a special key when we already have a local copy of the git repo. There is no need to check remotely.

We also don't need special config flags so we removed that functionality too.

We had to change a lot to get it to work.

MIT License

About

Scan repository for secrets with basic defaults in place for easy setup.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Dockerfile 54.4%
  • Shell 45.6%