Merging upstream version 1.0.0.

Signed-off-by: Daniel Baumann <daniel@debian.org>
2025-02-05 11:54:06 +01:00 · 2025-02-05 11:54:06 +01:00 · 3ccac88507
commit 3ccac88507
parent 256a120fdd
36 changed files with 2108 additions and 153 deletions
--- a/.github/workflows/secret-scanner.yml
+++ b/.github/workflows/secret-scanner.yml
@ -0,0 +1,30 @@
+# Secret-scanner workflow from Arista Networks.
+on:
+  pull_request:
+    types: [synchronize]
+  push:
+    branches:
+      - main
+name: Secret Scanner (go/secret-scanner)
+jobs:
+  scan_secret:
+    name: Scan incoming changes
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/aristanetworks/secret-scanner-service:main
+      options: --name sss-scanner
+    steps:
+      - name: Checkout ${{ github.ref }}
+        # Hitting https://github.com/actions/checkout/issues/334 so trying v1
+        uses: actions/checkout@v1
+        with:
+          fetch-depth: 0
+      - name: Run scanner
+        run: |
+          git config --global --add safe.directory $GITHUB_WORKSPACE
+          scanner commit . github ${{ github.repository }} \
+             --markdown-file job_summary.md \
+             ${{ github.event_name == 'pull_request' && format('--since-commit {0}', github.event.pull_request.base.sha) || ''}}
+      - name: Write result to summary
+        run: cat ./job_summary.md >> $GITHUB_STEP_SUMMARY
+        if: ${{ always() }}