Skip to content
Git Secrets Scan

Git Secrets Scan #676

Sign in to view logs

Git Secrets Scan

Git Secrets Scan #676

Workflow file for this run

.github/workflows/secrets-scan.yml at 842cf66
name: Git Secrets Scan
on:
schedule:
- cron: "0 0 * * *"
push:
branches: [main, feature/*, p3sprint/*]
jobs:
git-secrets-scan:
name: Git Secrets Scan
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install git secrets
run: sudo apt-get update && sudo apt-get install git-secrets -y
- name: Add custom secrets patterns
run: git secrets --add '(\bBEGIN\b).*(PRIVATE KEY\b)'
&& git secrets --add 'AKIA[0-9A-Z]{16}'
&& git secrets --add '^([A-Za-z0-9/+=]{40,})$'
&& git secrets --add '^ghp_[a-zA-Z0-9]{36}'
&& git secrets --add '^github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}'
&& git secrets --add '^v[0-9]\\.[0-9a-f]{40}'
&& git secrets --add '[A-Za-z0-9+/]{88}=='
&& git secrets --add '^[A-Za-z0-9_-]{32}$'
&& git secrets --add 'conclavesso[0-9a-z-]{84}'
&& git secrets --add '\\b[a-z0-9]{80}\\b'
&& git secrets --add '\\b[A-Z0-9]{50}\\b'
&& git secrets --add '\\b[A-Z0-9]{58}\\b'
&& git secrets --add '^[a-zA-Z0-9_-]{32,64}$'
- name: Run git secrets scan
run: |
git secrets --scan
#- name: Send email notification
#uses:
# dawidd6/[email protected]
#if: always()
# with:
# server_address: ${{ secrets.SERVER_ADDRESS }}
#server_port: ${{ secrets.SERVER_PORT }}
# username: ${{ secrets.USER_NAME }}
# password: ${{ secrets.PASSWORD }}
# subject: Git Secrets Scan Results - "${{ github.repository }}"
#to: "[email protected], [email protected], [email protected]"
#from: "[email protected]"
# body: |
# Hi,
# The Git Secrets scan has completed for "${{ github.repository }}". Please review the results below:
# Scan Job URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
# Scan Status: **${{ job.status }}**
# Thank You.
# Brickendon SecOps