https://github.com/trufflesecurity/trufflehog-enterprise-github-action
Find exposed credentials using GitHub Actions with TruffleHog Enterprise.
actions github-actions secrets trufflehog
- Host: GitHub
- URL: https://github.com/trufflesecurity/trufflehog-enterprise-github-action
- Owner: trufflesecurity
- License: apache-2.0
- Created: 2021-06-24T19:05:55.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-11-21T21:12:35.000Z (about 1 month ago)
- Last Synced: 2024-12-23T16:32:22.376Z (11 days ago)
- Topics: actions, github-actions, secrets, trufflehog
- Language: Dockerfile
- Homepage: https://trufflesecurity.com
- Size: 10.7 KB
- Stars: 14
- Watchers: 13
- Forks: 9
- Open Issues: 1
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
# [TruffleHog Enterprise](https://trufflesecurity.com/) GitHub Action
[![GitHub Marketplace](https://img.shields.io/badge/Actions-Marketplace-undefined.svg?logo=github&logoColor=white&style=for-the-badge)](https://github.com/marketplace/actions/trufflehog-enterprise)
[![License](https://img.shields.io/github/license/trufflesecurity/TruffleHog-Enterprise-Github-Action?color=green&style=for-the-badge)](LICENSE)

Find exposed credentials in your CI using [**TruffleHog Enterprise**](https://trufflesecurity.com/).

> [!IMPORTANT]
> This action is deprecated. Please instead [use the open-source tool to scan as a GitHub action](https://github.com/trufflesecurity/trufflehog?tab=readme-ov-file#octocat-trufflehog-github-action).

## Usage
Add a new job to your GitHub workflow using the `trufflesecurity/TruffleHog-Enterprise-Github-Action` action.
```yaml
name: TruffleHog Enterprise scan
on: [push, pull_request]
jobs:
  scanning:
    name: TruffleHog Enterprise scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          fetch-depth: 0 # fetch all history so multiple commits can be scanned
      - name: TruffleHog Enterprise scan
        uses: trufflesecurity/TruffleHog-Enterprise-Github-Action@main
        with:
          args: --fail-verified ${{ github.event.repository.default_branch }} HEAD
```

Be sure to set the repository or organization secrets on GitHub with the variables that are referenced above.
### Extra scanner options
The following options can be passed to the action by appending them to `args`.
```bash
Flags:
      --help                  Show context-sensitive help (also try --help-long and --help-man).
  -v, --debug                 Enable debug mode.
      --trace                 Enable tracing of code line numbers.
      --json                  Enable JSON output.
      --send-error-telemetry  Turns error telemetry off.
      --fail-verified         Only emit failure code for verified findings.
      --quiet                 Only show results.
      --config=CONFIG         Path to configuration file. You can also specify Google Secrets Manager secrets with
                              'gsm:///'.

Args:
      Start scanning from here (usually main branch).
      Scan commits until here (usually dev branch).
  []  Optional path to the repo to scan.
```