opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-20 08:36:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

Scanning-secrets: Support new-branch/renovate link

Browse Source 
Signed-off-by: Chris Evich <cevich@redhat.com>
This commit is contained in:
Chris Evich
2024-02-01 11:06:54 -05:00
parent 0e9b07a029
commit 0a4beea6db
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/scan-secrets.yml vendored
View File

@ -81,6 +81,12 @@ jobs:
name: Provide URL showing code that needs human eyes (force-push or merge)
shell: bash
run: |
if [[ "$before" =~ ^0000+ ]]; then # Push to new branch (i.e. renovate branch)
echo "Please review newly opened branch for secret-leaks:"
# The event JSON provides the URL we need
jq -r -e '.compare' $GITHUB_EVENT_PATH
return 0
fi
echo "Please review force-push or merged-pr changes for secret-leaks:"
before=$(jq -r -e '.before' $GITHUB_EVENT_PATH)
after=$(jq -r -e '.after' $GITHUB_EVENT_PATH)