Skip to content

Commit

Permalink
added how to use secret key to example and doc
Browse files Browse the repository at this point in the history
  • Loading branch information
Anton committed Jun 4, 2021
1 parent f753072 commit 0193cad
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ Feedback, contributions, bug reports and improvements issues are really welcome.
## Input variables
This action requires 3 input variables:
- **url**: URL of the OWASP Dependency Track server
- **key**: KEY used to access the OWASP Dependency Track server, please not that this must no be appropiate for public repositories.
- **key**: KEY used to access the OWASP Dependency Track server, please not that this must no be appropiate for public repositories. This key is confidencial information, so we recommend to [create a secret](https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) in the project settings. In the action example we use the name `SECRET_OWASP_DT_KEY` for this secret.
- **language**: (refer to the next section)

## Output variables
Expand Down
2 changes: 1 addition & 1 deletion example-action.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
uses: Quobis/action-owasp-dependecy-track-check@main
with:
url: 'https://dtrack.quobis.com'
key: 'rfmikmrTMAOq2323EyLNji340XOF'
key: '${{ secrets.SECRET_OWASP_DT_KEY }}'
language: 'golang'

# Show the risk score output
Expand Down

0 comments on commit 0193cad

Please sign in to comment.