This repository has been archived by the owner on May 20, 2024. It is now read-only.
Update dependency test/pylint to v3.2.2 #1177
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: secrets | |
| on: [push, pull_request] | |
| jobs: | |
| scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 | |
| - name: scan | |
| run: | | |
| export DEBIAN_FRONTEND=noninteractive && \ | |
| echo 'debconf debconf/frontend select Noninteractive' | sudo debconf-set-selections && \ | |
| sudo apt-get update && \ | |
| python3 -m pip install --upgrade pip && \ | |
| pip3 install whispers && \ | |
| mkdir /home/runner/reports/ && \ | |
| whispers --severity BLOCKER,CRITICAL -o /home/runner/reports/whispers.json -c ${GITHUB_WORKSPACE}/.github/workflows/config/whispers-config.yml ${GITHUB_WORKSPACE} && \ | |
| echo "::set-output name=found-count::$(wc -l /home/runner/reports/whispers.json | cut -d' ' -f1)" | |
| - name: Fail if found | |
| if: steps.scan.outputs.found-count != 0 | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| echo {{steps.scan.outputs.found-count}} && \ | |
| core.setFailed('Secrets found. Please check the uploaded report') | |
| - name: Upload scan reports | |
| uses: actions/[email protected] | |
| if: failure() | |
| with: | |
| name: whispers-report | |
| path: /home/runner/reports/whispers.json |