Skip to content

rasterize-email-unique-file #127065

rasterize-email-unique-file

rasterize-email-unique-file #127065

name: Secrets Detection
on: pull_request
jobs:
secrets_detection:
runs-on: ubuntu-latest
if: github.repository == 'demisto/content' && github.event.pull_request.head.repo.fork == false && github.actor != 'dependabot[bot]'
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: "3.9"
- name: Setup Poetry
uses: Gr1N/setup-poetry@v9
- name: Install Python Dependencies
run: |
poetry install --with github-actions
- name: Run Secrets Detection
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
BRANCH_NAME: ${{ github.head_ref }}
USERNAME: ${{ secrets.SECRET_CHECK_USER_NG }}
PASSWORD: ${{ secrets.SECRET_CHECK_PASS_NG }}
GOLD_SERVER_URL: ${{ secrets.GOLD_SERVER_URL_NG }}
run: |
echo "Run secrets detection for PR: $PR_NUMBER on branch: $BRANCH_NAME"
investigation_id=$(poetry run .github/github_workflow_scripts/run_secrets_detection.py --pr_number $PR_NUMBER --branch_name $BRANCH_NAME --username $USERNAME --password $PASSWORD --gold_server_url $GOLD_SERVER_URL)
echo "INVESTIGATION_ID=$investigation_id" >> $GITHUB_ENV
- name: Wait For Playbook To Finish
env:
GOLD_API_KEY: ${{ secrets.SECRETS_GOLD_API_KEY_NG }}
AUTH_ID: ${{ secrets.SECRETS_GOLD_AUTH_ID_NG }}
GOLD_SERVER_URL: ${{ secrets.GOLD_SERVER_URL_NG_RESULT }}
run: |
echo "Invastigation id is: $INVESTIGATION_ID "
poetry run python ./.github/github_workflow_scripts/run_secrets_detection_get_playbook_status.py -i $INVESTIGATION_ID -k $GOLD_API_KEY -ai $AUTH_ID --gold_server_url $GOLD_SERVER_URL