You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There have been a few changes in the past few months that break CI workflows (either changes to the GHA or changes to the trufflehog published image). Currently, we have the ability to pin the version of the GHA via branch refs or tags, but there is no ability to pin the version of the container image being used to execute secrets scanning via GHA. If there is an issue that arises from the latest built container image, there is no recourse for callers of this GHA to fall back to a known-safe version.
Preferred Solution
There should be an input to the GHA that allows the caller to specify the version of the trufflehog container to use. The default value should be latest.
Additional Context
References
The text was updated successfully, but these errors were encountered:
Please review the Community Note before submitting
Description
There have been a few changes in the past few months that break CI workflows (either changes to the GHA or changes to the
trufflehog
published image). Currently, we have the ability to pin the version of the GHA via branch refs or tags, but there is no ability to pin the version of the container image being used to execute secrets scanning via GHA. If there is an issue that arises from the latest built container image, there is no recourse for callers of this GHA to fall back to a known-safe version.Preferred Solution
There should be an input to the GHA that allows the caller to specify the version of the
trufflehog
container to use. The default value should belatest
.Additional Context
References
The text was updated successfully, but these errors were encountered: