docs(brand): movie-style english subtitles and readability/art pass #28
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: SecretHawk Scan | |
| on: | |
| pull_request: | |
| push: | |
| branches: ["main"] | |
| jobs: | |
| secret-scan: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| security-events: write | |
| contents: read | |
| actions: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Build SecretHawk | |
| run: go build -o secrethawk ./cmd/secrethawk | |
| - name: SecretHawk Scan (SARIF) | |
| id: scan | |
| continue-on-error: true | |
| run: ./secrethawk scan --since origin/main --validate --fail-on high --fail-on-active --format sarif --output secrethawk.sarif | |
| - name: Upload SARIF | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: secrethawk.sarif | |
| - name: Fail when threshold reached | |
| if: steps.scan.outcome == 'failure' | |
| run: exit 1 |