secret-scanning v1

This action scans your repository under $GITHUB_WORKSPACE for any potential secrets such as AWS_ACCESS_KEY and notifies. Secret log is maintained if you are Cloudanix client.

Usage

- uses: geek-nero/secret-scanning@v1
  with: 
    # Complete file paths of the files to be excluded from scanning, seprated by commas, avoid adding unnecessary spaces.
    file-exclusions: "file1.txt,file2.txt"
    # Add comma seprated hashes of the secret you want to skip, avoid adding unnecessary spaces.
    hash-exclusions: "a79abde231aa49cf3ef6f0a0856730860bbd1894"
    # Add comma seprated plugins or regex names to exclude, avoid adding unnecessary spaces.
    plugin-exclusions: "GitHub Token"
    # Add space sperated regexes to exclude scanning with those regexes, avoid adding unneccessary spaces. In this case
    # the regexes would be "foo" and "bar".
    custom-regexes: "foo bar"

Client Only:

Build should contain the following variables in environment to send response to backend:

CDX_API_ENDPOINT
CDX_AUTHZ_TOKEN
SECRET_KEY

They can be added using GitHub secrets.

Name		Name	Last commit message	Last commit date
Latest commit History 42 Commits
README.md		README.md
action.yml		action.yml
binary_extensions.json		binary_extensions.json
binary_mimetypes.json		binary_mimetypes.json
default_regexes.json		default_regexes.json
entrypoint.py		entrypoint.py
main.py		main.py
requirements.txt		requirements.txt
validations_mapping.json		validations_mapping.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

secret-scanning v1

Usage

Client Only:

About

Releases 1

Packages

Languages

geekNero/secret-scanning

Folders and files

Latest commit

History

Repository files navigation

secret-scanning v1

Usage

Client Only:

About

Resources

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages