fix:log hooks quote failure address metrics #1385
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Trufflehog | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| permissions: | |
| contents: read | |
| id-token: write | |
| issues: write | |
| pull-requests: write | |
| jobs: | |
| TruffleHog: | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| shell: bash | |
| steps: | |
| # This action should be the first step of your job, and should be loaded on every separate job. | |
| # If this action is not loaded first, it will not be able to see or block any requests that occured prior to the action running. | |
| - uses: bullfrogsec/bullfrog@dcde5841b19b7ef693224207a7fdec67fce604db # v0.8.3 | |
| with: | |
| # List of IPs to allow outbound connections to. | |
| # By default, only localhost and IPs required for the essential operations of Github Actions are allowed. | |
| #allowed-ips: | |
| # List of domains to allow outbound connections to. | |
| # Wildcards are accepted. For example, if allowing `*.google.com`, this will allow `www.google.com`, `console.cloud.google.com` but not `google.com`. | |
| # By default, only domains required for essential operations of Github Actions and uploading job summaries are allowed. | |
| # Refer to https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#communication-requirements-for-github-hosted-runners-and-github for additional domains that should be allowed for additional Github Actions features. | |
| #allowed-domains: | |
| # The egress policy to enforce. Valid values are `audit` and `block`. | |
| # Default: audit | |
| egress-policy: audit | |
| - name: Checkout code | |
| uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # f43a0e5ff2bd294095638e18286ca9a3d1956744 | |
| with: | |
| fetch-depth: 0 | |
| - name: TruffleHog OSS | |
| id: trufflehog | |
| uses: trufflesecurity/trufflehog@9adec3cc3630412850b1dbb482de5f428896ccf3 # v3.90.7 | |
| continue-on-error: true | |
| with: | |
| path: ./ | |
| base: "${{ github.event.repository.default_branch }}" | |
| head: HEAD | |
| extra_args: --debug | |
| - name: Scan Results Status | |
| if: steps.trufflehog.outcome == 'failure' | |
| run: exit 1 |