Version pinning for GHA #2397

Closed
skeweredlogic opened this issue Feb 7, 2024 · 1 comment

@skeweredlogic
Contributor

Please review the Community Note before submitting

Description

There have been a few changes in the past few months that break CI workflows (either changes to the GHA or changes to the trufflehog published image). Currently, we have the ability to pin the version of the GHA via branch refs or tags, but there is no ability to pin the version of the container image being used to execute secrets scanning via GHA. If there is an issue that arises from the latest built container image, there is no recourse for callers of this GHA to fall back to a known-safe version.

Preferred Solution

There should be an input to the GHA that allows the caller to specify the version of the trufflehog container to use. The default value should be latest.

Additional Context

References

skeweredlogic added a commit to skeweredlogic/trufflehog that referenced this issue Feb 7, 2024
zricethezav pushed a commit that referenced this issue Feb 7, 2024
* Allow CLI version pinning in GHA (#2397)

* prevent segfault in test-community
@zricethezav
Collaborator

Hey @skeweredlogic gonna close this issue since your PR has been merged. Thanks a ton for the contribution. This is a great change.

ahrav pushed a commit that referenced this issue Feb 11, 2024
* Allow CLI version pinning in GHA (#2397)

* prevent segfault in test-community
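
The issue names two separate pin points: the action ref and the version of the scanner image the action runs. The following check over a caller's workflow file reports both for each step; it is an added example, not code from the issue or from the trufflehog project. The action name, the `version` input name and the sample workflow are assumptions constructed for illustration, and the image is treated as `latest` when no version is passed, as the issue proposes for the default.

```python
import re

ACTION = "example-org/secret-scan-action"  # hypothetical action name
VERSION_INPUT = "version"                  # assumed input name; the issue does not name it

# Constructed sample workflow fragment (not taken from the issue).
SAMPLE_WORKFLOW = """\
steps:
  - uses: actions/checkout@v4
  - name: floating ref, default image
    uses: example-org/secret-scan-action@main
  - name: tagged ref, image left at default
    uses: example-org/secret-scan-action@v1.0.0
    with:
      path: ./
  - name: both pinned
    uses: example-org/secret-scan-action@0123456789abcdef0123456789abcdef01234567
    with:
      path: ./
      version: 1.0.0
"""

SHA_RE = re.compile(r"^[0-9a-f]{40}$")
TAG_RE = re.compile(r"^v?\d+(\.\d+)*$")

def ref_kind(ref):
    """Classify an action ref; telling a tag from a branch is a naming heuristic."""
    if SHA_RE.match(ref):
        return "sha"
    return "tag" if TAG_RE.match(ref) else "branch"

def audit(workflow, action=ACTION, version_input=VERSION_INPUT):
    """Return one finding per step that uses `action` (expects `uses:` before `with:`)."""
    findings, current = [], None
    for line in workflow.splitlines():
        stripped = line.strip()
        if stripped.startswith("- "):      # a new step begins, forget the previous one
            current = None
            stripped = stripped[2:].strip()
        m = re.match(r"uses:\s*([^@\s]+)@(\S+)", stripped)
        if m and m.group(1) == action:
            current = {"ref": m.group(2), "ref_kind": ref_kind(m.group(2)), "image": "latest"}
            findings.append(current)
            continue
        m = re.match(re.escape(version_input) + r":\s*(\S+)", stripped)
        if m and current is not None:      # version input passed to the scanned action
            current["image"] = m.group(1).strip("'\"")
    for f in findings:                     # floating = branch ref or unpinned image
        f["floating"] = f["ref_kind"] == "branch" or f["image"] == "latest"
    return findings
```

The second step in the sample is the case the issue describes: the action ref is a tag, but the image still resolves to `latest`, so the step is reported as floating.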