π¨ A GitHub action to check and report secret leaks in the repository using Infisical CLI.
The following workflow step will scan for secret leaks in your repository.
- name: Infisical Secrets Check
id: secrets-scan
uses: guibranco/github-infisical-secrets-check-action@v3.0.0
gh_token
: The GitHub token to add the comment in the PR using the mshick/add-pr-comment@v2 GitHub Action.
secrets-leaked
: The number of secrets leaked found by the Infisical CLI tool.
name: Infisical secrets check
on:
workflow_dispatch:
pull_request:
jobs:
secrets-check:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Infisical Secrets Check
uses: guibranco/github-infisical-secrets-check-action@v3.0.0
name: Infisical secrets check
on:
workflow_dispatch:
pull_request:
jobs:
secrets-check:
runs-on: ubuntu-latest
permissions:
pull-requests: write
steps:
- name: Infisical Secrets Check
uses: guibranco/github-infisical-secrets-check-action@v3.0.0
with:
gh_token: ${{ secrets.GH_TOKEN }}
Remember to add the repository secret GH_TOKEN
.