-
-
Notifications
You must be signed in to change notification settings - Fork 0
23 lines (21 loc) · 744 Bytes
/
Copy pathggshield.yaml
File metadata and controls
23 lines (21 loc) · 744 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
name: GitGuardian Scan
on:
push:
pull_request:
jobs:
scanning:
name: GitGuardian Scan
runs-on: ubuntu-latest
# Skip when:
# - Dependabot PR (no secret access, only updates dependencies)
# - GITGUARDIAN_API_KEY not configured (graceful skip for newly-init'd repos
# before the secret is set; Dependabot also lands here because it has no
# secret access, but the explicit actor check above is kept for clarity)
if: github.actor != 'dependabot[bot]' && secrets.GITGUARDIAN_API_KEY != ''
steps:
- uses: actions/checkout@v6
with:
fetch-depth: 0
- uses: GitGuardian/ggshield-action@v1
env:
GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }}