generated from CDCgov/template
-
Notifications
You must be signed in to change notification settings - Fork 41
37 lines (33 loc) · 1.22 KB
/
scan_action_logs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
name: Scan Action Logs
on:
schedule:
- cron: "52 5 * * *"
workflow_dispatch:
jobs:
scan_run_logs:
runs-on: ubuntu-latest
name: Scan repo run logs
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
- name: Scan run logs
uses: josiahsiegel/runleaks@4dd30d107c03b6ade87978e10c94a77015e488f9
## DevSecOps - Aquia (Replace) - uses: ./.github/actions/runleaks
id: scan
with:
github-token: ${{ secrets.RUNLEAKS_TOKEN }}
run-limit: 300
min-days-old: 0
max-days-old: 1
patterns-path: ".github/runleaks/patterns.txt"
exclusions-path: ".github/runleaks/exclusions.txt"
fail-on-leak: false
- name: Get scan exceptions
if: steps.scan.outputs.count > 0
run: |
echo "count=${{ steps.scan.outputs.count }}"
exceptions='${{ steps.scan.outputs.exceptions }}'
exceptions_out=$(echo ${exceptions//"%0A"/} | jq '.')
printf "\n<details><summary>Exceptions</summary>\n\n\`\`\`json\\n$exceptions_out\\n\`\`\`\n</details>" >> $GITHUB_STEP_SUMMARY
- name: Failure due to exceptions
if: steps.scan.outputs.count > 0
run: exit 1