Secret Scanning GitHub Workflow
The secret-scanning workflow is designed to identify sensitive information such as API keys, passwords, and other secrets within your codebase. By integrating secret scanning into your CI/CD pipeline, developers can proactively prevent the accidental exposure of confidential data, enhancing the overall security posture of the application.
The secret-scanning workflow accepts the following inputs:
| Name | Description | Required | Default Value |
|---|---|---|---|
api-url | URL of the DevGuard API | No | https://api.devguard.org |
asset-name | Name of the asset to be scanned | Yes | |
path | Path to the source code to be scanned | No | . |
Usage Example:
Here's an example of how to call this reusable workflow from another workflow file: