Add TruffleHog secrets scanner workflow #2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
push: | |
branches-ignore: | |
- main | |
jobs: | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: 20 | |
cache: npm | |
- run: npm ci | |
- run: npm run typecheck | |
- run: npm run build | |
# Optional integration test of the action using a dedicated GitHub App. | |
- id: create_token | |
if: ${{ vars.TEST_GITHUB_APP_ID != '' }} | |
uses: ./ | |
with: | |
# The only required permission is `Repository permissions > Metadata: Read-only`. | |
app_id: ${{ vars.TEST_GITHUB_APP_ID }} | |
private_key: ${{ secrets.TEST_GITHUB_APP_PRIVATE_KEY }} | |
- if: ${{ steps.create_token.outcome != 'skipped' }} | |
run: node --eval "assert('${{ steps.create_token.outputs.token }}'.length > 0);" | |
- run: npm run prettier -- --check |