feat(ci): add trufflehog secrets detection (#2262)

* feat(ci): add trufflehog secrets detection * fix(ci): remove unnecessary permissions
author: Luc Georges <McPatate@users.noreply.github.com> 2024-06-10 22:03:54 +0200
committer: GitHub <noreply@github.com> 2024-06-10 21:03:54 +0100
commit: 9f804af29db1273f6580cc8d68b3f7a808f91ee6 (patch)
tree: 6cbb924e658e756052665d9edb6d4e2abf39e135 /.github
parent: 54ff971e35a0fd28da062d416ffb7bc9ac9d40d8 (diff)
download: candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.tar.gz
candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.tar.bz2
candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.zip
1 files changed, 15 insertions, 0 deletions
diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
new file mode 100644
index 00000000..9cbbf680
--- /dev/null
+++ b/.github/workflows/trufflehog.yml
@@ -0,0 +1,15 @@
+on:
+  push:
+
+name: Secret Leaks
+
+jobs:
+  trufflehog:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+    - name: Secret Scanning
+      uses: trufflesecurity/trufflehog@main
author	Luc Georges <McPatate@users.noreply.github.com>	2024-06-10 22:03:54 +0200
committer	GitHub <noreply@github.com>	2024-06-10 21:03:54 +0100
commit	9f804af29db1273f6580cc8d68b3f7a808f91ee6 (patch)
tree	6cbb924e658e756052665d9edb6d4e2abf39e135 /.github
parent	54ff971e35a0fd28da062d416ffb7bc9ac9d40d8 (diff)
download	candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.tar.gz candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.tar.bz2 candle-9f804af29db1273f6580cc8d68b3f7a808f91ee6.zip