Skip to content
This repository has been archived by the owner on Nov 22, 2023. It is now read-only.

Sign docker image

Sign docker image #7

Workflow file for this run

name: Secrets Check
on:
push:
branches: [main]
jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: validate github workflow files to have pinned versions
uses: digitalservicebund/github-actions/github-actions-linter@5009471245d84903ea1af84104eb1908f8e2b2a2
- name: Detect secrets in incoming commits with Talisman
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
# enforced by digitalservicebund/github-actions/github-actions-linter
uses: carhartl/talisman-secrets-scan-action@702fc5c52170632a568124896148a80f38521ac4
- name: Send status to Slack
# Third-party action, pin to commit SHA!
# See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
uses: lazy-actions/slatify@c4847b8c84e3e8076fd3c42cc00517a10426ed65 # == v3.0.0
if: ${{ failure() && env.SLACK_WEBHOOK_URL }}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
type: ${{ job.status }}
job_name: "Secrets scan :point_right:"
mention: "here"
mention_if: "failure"
commit: true
url: ${{ secrets.SLACK_WEBHOOK_URL }}
token: ${{ secrets.GITHUB_TOKEN }}