Skip to content
eye

GitHub Action

secret-search

v1.1 Latest version

secret-search

eye

secret-search

Detect secrets within a code base with Yelp's detect-secrets tool

Installation

Copy and paste the following snippet into your .yml file.

              

- name: secret-search

uses: Hacks4Snacks/[email protected]

Learn more about this action in Hacks4Snacks/secret-search

Choose a version

About The Project

secrets-search is a simple GitHub action wrapper for the phenominal module detect-secrets maintained by the Yelp team. This GitHub action is targetted for individuals without a complex use case that want something easy to integrate and deploy.

Usage

Basic

---
on:
  push:
    branches:
      - '**'

jobs:
  secret-search-job:
    runs-on: 'ubuntu-latest'
    name: Job to scan for secrets
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Execute secret-search
        uses: Hacks4Snacks/secret-search@main

With Path Filter

---
on:
  push:
    branches:
      - '**'

jobs:
  secret-search-job:
    runs-on: 'ubuntu-latest'
    name: Job to scan for secrets
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Execute secret-search
        uses: Hacks4Snacks/secret-search@main
        with:
          exclude-file: 'test.txt'

With File Failure Limit

---
on:
  push:
    branches:
      - '**'

jobs:
  secret-search-job:
    runs-on: 'ubuntu-latest'
    name: Job to scan for secrets
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Execute secret-search
        uses: Hacks4Snacks/secret-search@main
        with:
          failure-count: '5'

Do Not Fail On Detection

---
on:
  push:
    branches:
      - '**'

jobs:
  secret-search-job:
    runs-on: 'ubuntu-latest'
    name: Job to scan for secrets
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Execute secret-search
        uses: Hacks4Snacks/secret-search@main
        with:
          fail-on-error: 'false'