Skip to content

Commit

Permalink
Add quotes to status value
Browse files Browse the repository at this point in the history
Whoops, I missed this in my review of #146. Value of status needs to be quoted.

Currently the log looks like
{"event":"github_secret_scanning", "status":success, "createdAt":"2024-10-30T17:20:07Z", "repo":"getsentry/gocd-jsonnet","pull_request":"https://github.com/getsentry/gocd-jsonnet/pull/83","actor":"IanWoodard"}
  • Loading branch information
geoffg-sentry committed Oct 30, 2024
1 parent db5a9a8 commit cc22a51
Showing 1 changed file with 2 additions and 3 deletions.
5 changes: 2 additions & 3 deletions .github/workflows/secret-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,7 @@ jobs:
--certificate-identity-regexp 'https://github\.com/trufflesecurity/trufflehog/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
sha256sum --ignore-missing -c trufflehog_${{ steps.trufflehog_release.outputs.latest_release }}_checksums.txt
sha256sum --ignore-missing -c trufflehog_${{ steps.trufflehog_release.outputs.latest_release }}_checksums.txt
- name: Extract TruffleHog
run: |
Expand All @@ -67,7 +66,7 @@ jobs:
run: |
curl "${{vars.SECRET_SCAN_PANTHER_WEBHOOK_URL}}" \
--header "Authorization: Bearer ${{ secrets.SECRET_SCAN_PANTHER_WEBHOOK_HEADER }}" \
--data '{"event":"github_secret_scanning", "status":${{steps.scan.outcome}}, "createdAt":"${{ github.event.pull_request.created_at }}", "repo":"${{ github.repository }}","pull_request":"https://github.com/${{ github.repository }}/pull/${{ github.event.pull_request.number }}","actor":"${{ github.event.pull_request.user.login }}"}'
--data '{"event":"github_secret_scanning", "status":"${{steps.scan.outcome}}", "createdAt":"${{ github.event.pull_request.created_at }}", "repo":"${{ github.repository }}","pull_request":"https://github.com/${{ github.repository }}/pull/${{ github.event.pull_request.number }}","actor":"${{ github.event.pull_request.user.login }}"}'
- name: Fail workflow if secret detected
if: steps.scan.outcome != 'success'
run: exit 1

0 comments on commit cc22a51

Please sign in to comment.