trufflehog/action.yml

name: 'TruffleHog OSS'
description: 'Scan Github Actions with TruffleHog'
author: Truffle Security Co. <support@trufflesec.com>

inputs:
  path:
    description: Repository path
    required: true
  base:
    description: Start scanning from here (usually main branch).
    required: true
  head:
    description: Scan commits until here (usually dev branch).
    required: false
  extra_args:
    default: ''
    description: Extra args to be passed to the trufflehog cli.
    required: false
branding:
  icon: "shield"
  color: "green"
runs:
  using: "docker"
  image: "docker://ghcr.io/trufflesecurity/trufflehog:latest"
  args:
    - git
    - file://${{ inputs.path }}
    - --since-commit
    - ${{ inputs.base }}
    - --branch
    - ${{ inputs.head }}
    - --fail
    - ${{ inputs.extra_args }}
update action name 2022-04-08 21:52:36 +00:00			`name: 'TruffleHog OSS'`
Add github action (#295) 2022-04-08 21:33:55 +00:00			`description: 'Scan Github Actions with TruffleHog'`
			`author: Truffle Security Co. <support@trufflesec.com>`

			`inputs:`
			`path:`
			`description: Repository path`
			`required: true`
			`base:`
			`description: Start scanning from here (usually main branch).`
			`required: true`
			`head:`
			`description: Scan commits until here (usually dev branch).`
			`required: false`
Update github action to support generic cli command input (#670) * Update github action to support generic cli command input * revert removal of inputs * echo in entrypoint * test custom docker image * revert docker image reference 2022-08-01 22:05:08 +00:00			`extra_args:`
			`default: ''`
			`description: Extra args to be passed to the trufflehog cli.`
			`required: false`
Add github action (#295) 2022-04-08 21:33:55 +00:00			`branding:`
			`icon: "shield"`
			`color: "green"`
			`runs:`
			`using: "docker"`
Update GitHub action metadata to use ghcr.io image (#534) The 'runs.image:' argument was using `Dockerfile`. This caused a Docker build of the trufflehog image every time someone used this action. I've changed the argument to use the already published Docker image. This will speed up the workflows considerably, since it pulls the image that is already built and available on GitHub's image storage. 2022-05-09 17:58:47 +00:00			`image: "docker://ghcr.io/trufflesecurity/trufflehog:latest"`
Add github action (#295) 2022-04-08 21:33:55 +00:00			`args:`
			`- git`
			`- file://${{ inputs.path }}`
			`- --since-commit`
			`- ${{ inputs.base }}`
			`- --branch`
update action name 2022-04-08 21:52:36 +00:00			`- ${{ inputs.head }}`
Log explanation of non-zero exit with found results (#431) * Log explanation of non-zero exit with found results * Change exit code and add documentation * Adjust exit code handling * Make action fail on found results * Use new overseer * Improve wording * Update README.md 2022-04-21 17:08:51 +00:00			`- --fail`
Update github action to support generic cli command input (#670) * Update github action to support generic cli command input * revert removal of inputs * echo in entrypoint * test custom docker image * revert docker image reference 2022-08-01 22:05:08 +00:00			`- ${{ inputs.extra_args }}`