Action

2021-07-22 18:34:12 -03:00 · 2021-07-22 18:34:12 -03:00 · e9aa062840
commit e9aa062840
parent 8b5470e1b0
2 changed files with 15 additions and 4 deletions
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -35,13 +35,24 @@ jobs:
        uses: RobertFischer/detect-secrets-action@v2.0.0
        with:
          DS_ADDL_ARGS: '--only-verified'
-      - name: Security and Licence Scan
+      - name: Commit back .secrets.baseline (if it was missing)
+        uses: stefanzweifel/git-auto-commit-action@v4
+        if: ${{ always() }}   
+        with:
+          commit_message: "build(detect-secrets): Commit the newly-generated .secrets.baseline file"
+      - name: detect-secrets with reviewdog
+        if: ${{ always() }}
+        uses: reviewdog/action-detect-secrets@master
+        with:
+          github_token: ${{ secrets.github_token }}
+          reporter: github-pr-review # Change reporter.
+      - name: Security and Licence Scan      
  # You may pin to the exact commit or the version.
  # uses: ShiftLeftSecurity/scan-action@54980bbdae434b8e7903cfcffa98a2601c207962
        uses: ShiftLeftSecurity/scan-action@v1.3.0
-        if: ${{ always() }}
+        if: ${{ always() }}        
+          # Source directory to scan. Defaults to /github/workspace
        with:
-    # Source directory to scan. Defaults to /github/workspace
          src: /github/workspace
    # Output directory for the generated reports. Defaults to /github/workspace/reports
          output: /github/workspace/reports
--- a/aws.conf
+++ b/aws.conf
@ -1,2 +1,2 @@
 aws_access_key_id: 'ABCdddANCk9pap'
-aws_secret_access_key: "PP109JjkLMnBc+oOpKJ27VDbMEDkELAlk99A7EFF"
+aws_secret_access_key: "PP109JjkLMnBc+oOpKJ27VDbMEDkELAlk99A7EFF"