
Secret Scanning

The secret-scanning workflow is designed to identify sensitive information such as API keys, passwords, and other secrets within your codebase. By integrating secret scanning into your CI/CD pipeline, developers can proactively prevent the accidental exposure of confidential data, enhancing the overall security posture of the application.

The secret-scanning workflow accepts the following inputs:

| Name | Description | Required | Default Value |
| --- | --- | --- | --- |
| api-url | URL of the DevGuard API | No | https://api.main.devguard.org |
| asset-name | Name of the asset to be scanned | Yes | |
| path | Path to the source code to be scanned | No | . |

Usage Example: Here’s an example of how to call this reusable workflow from another workflow file:

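```yaml
name: DevGuard Workflow

on:
    push

jobs:
    devguard-secret-scanning:
        # Reusable workflow, referenced here by the mutable branch ref @main
        uses: l3montree-dev/devguard-action/.github/workflows/secret-scanning.yml@main
        with:
          api-url: https://api.main.devguard.org
          # Required input: the asset to be scanned
          asset-name: 'myOrganization/projects/myProject/assets/myAsset'
        secrets:
          # Token is read from the repository's secrets, never written inline
          devguard-token: ${{ secrets.DEVGUARD_TOKEN }}
```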
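
A lint for caller workflows, added here as an example and not part of DevGuard or its action: it checks that a job calling this reusable workflow sets the required `asset-name`, passes `devguard-token` as a `${{ secrets.* }}` expression rather than a literal, and pins the workflow to a full commit SHA instead of a movable ref such as `@main`. The function name, the finding codes, and the line-based parsing (block-style YAML only) are assumptions of this example.

```python
import re

# Call to the reusable workflow documented on this page; group 1 is the ref after '@'.
USES_RE = re.compile(r"^\s*uses:\s*l3montree-dev/devguard-action/"
                     r"\.github/workflows/secret-scanning\.yml@(\S+)")
KEY_RE = re.compile(r"^\s*([\w-]+):\s*(.*?)\s*$")
SECRET_EXPR_RE = re.compile(r"^\$\{\{\s*secrets\.\w+\s*\}\}$")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample: a caller with a literal token and no asset-name.
SAMPLE_BAD = """\
jobs:
    scan:
        uses: l3montree-dev/devguard-action/.github/workflows/secret-scanning.yml@main
        secrets:
          devguard-token: constructed-literal-value
"""


def _in_job(line, depth):
    """Blank lines and lines indented at least `depth` belong to the job body."""
    return not line.strip() or len(line) - len(line.lstrip()) >= depth


def lint_caller(workflow_text):
    """Return sorted finding codes for jobs that call the secret-scanning workflow."""
    lines, findings = workflow_text.splitlines(), set()
    for i, line in enumerate(lines):
        m = USES_RE.match(line)
        if not m:
            continue
        depth, lo, hi = len(line) - len(line.lstrip()), i, i
        while lo > 0 and _in_job(lines[lo - 1], depth):
            lo -= 1
        while hi + 1 < len(lines) and _in_job(lines[hi + 1], depth):
            hi += 1
        keys = {}
        for km in filter(None, map(KEY_RE.match, lines[lo:hi + 1])):
            keys[km.group(1)] = km.group(2).strip("'\"")
        if not FULL_SHA_RE.match(m.group(1)):
            findings.add("unpinned-ref")        # a branch or tag can move under the caller
        if not keys.get("asset-name"):
            findings.add("missing-asset-name")  # the one required input
        token = keys.get("devguard-token")
        if token is not None and not SECRET_EXPR_RE.match(token):
            findings.add("hardcoded-token")     # credential committed in the workflow file
    return sorted(findings)
```

Run `lint_caller` over each file in `.github/workflows/` during review; an empty list means the call passes all three checks.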