Skip to content

chore(deps): bump the dependencies group with 1 update #92

chore(deps): bump the dependencies group with 1 update

chore(deps): bump the dependencies group with 1 update #92

Workflow file for this run

# PR単位で差分があるファイルに対してSecretlint(シークレットスキャンツール)を実行し、
# アクセストークンなど秘匿すべき値をPRコメントで指摘するワークフローです
# 詳細は以下のドキュメントをご参照ください
# https://andpad-dev.esa.io/posts/8984
name: secretlint
on:
pull_request
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
secretlint:
name: secretlint
runs-on: ubuntu-latest
# Skip any PR created by dependabot to avoid permission issues
if: (github.actor != 'dependabot[bot]')
steps:
- name: Check out code
uses: actions/checkout@v4 # v3.5.3
with:
fetch-depth: 0
- uses: reviewdog/action-setup@80a06617492b461a66508e2dedf16233f0506804 # v1.0.6
- id: changed-files
uses: tj-actions/changed-files@a21a533a0c244a27daac02f9dc6fcf8aeb996154 # v39.1.1
- name: Run secretlint
if: steps.changed-files.outputs.all_changed_files_count != '0'
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
docker run \
-v $(pwd):/workdir \
-w /workdir \
secretlint/secretlint:v7.0.2@sha256:f0b1a4944a6a0f3d6a494c063b807ff6febc762f6fdf52466b2b8e3b278966d2 \
secretlint --format checkstyle ${{ steps.changed-files.outputs.all_changed_files }} \
| sed 's#="/workdir/#="#g' \
| reviewdog -f=checkstyle -reporter=github-pr-review -diff="git diff FETCH_HEAD"