Skip to content

carbon accounting trivy scan #139

carbon accounting trivy scan

carbon accounting trivy scan #139

name: GitGuardian scan
on:
push:
pull_request:
# Publish `main` as Docker `latest` image.
branches:
- main
# Publish `v1.2.3` tags as releases.
tags:
- v*
jobs:
scanning:
name: GitGuardian scan
runs-on: ubuntu-20.04
steps:
- name: Checkout
uses: actions/checkout@v3.5.2
with:
fetch-depth: 0 # fetch all history so multiple commits can be scanned
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: GitGuardian scan
uses: GitGuardian/ggshield-action@v1.14.4
with:
args: --show-secrets --exit-zero --all-policies --verbose
env:
GITHUB_PUSH_BEFORE_SHA: ${{ github.event.before }}
GITHUB_PUSH_BASE_SHA: ${{ github.event.base }}
GITHUB_PULL_BASE_SHA: ${{ github.event.pull_request.base.sha }}
GITHUB_DEFAULT_BRANCH: main
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}