Skip to content

[Gitleaks]: Scan and report #81

[Gitleaks]: Scan and report

[Gitleaks]: Scan and report #81

name: '[Gitleaks]: Scan and report'
on:
workflow_dispatch:
schedule:
- cron: "0 4 * * *"
jobs:
scan_and_report:
runs-on: ubuntu-latest
strategy:
matrix:
repositories:
- apify/apify-core
- apify/apify-infra
- apify/apify-worker
- apify/apify-lambdas
- apify/apify-conductor
- apify/apify-web
- apify/docs
- apify/apify-imgproxy
- apify/apify-proxy
- apify/apify-slack-app
- apify/apify-status-page-tests
name: Scan and report
steps:
- uses: actions/checkout@v3
with:
repository: ${{ matrix.repositories }}
token: ${{ secrets.APIFY_SERVICE_ACCOUNT_GITHUB_TOKEN }}
- run: |
curl -sSL https://github.com/gitleaks/gitleaks/releases/download/v8.16.4/gitleaks_8.16.4_linux_x64.tar.gz | tar xz -C /tmp
/tmp/gitleaks --report-path report.json -v --no-color --redact detect > report.md
# Dont process report.json file further
rm report.json
- if: failure()
run: |
curl -F [email protected] -F "initial_comment=:rotating_light: Hello, Gitleaks report :rotating_light: Affected repository: ${{ matrix.repositories }}" -F channels=C05E6DLQLG2 -H "Authorization: Bearer ${{ secrets.SLACK_APP_APIFY_REPORTER_TOKEN }}" https://slack.com/api/files.upload