docker github action to run trufflehog and then lintly

A GitHub Action that scans the repo for secrets with Trufflehog then automatically creates pull request reviews if there are any violations.

To use Lintly-trufflehog GitHub Action, add the following to a GitHub Actions workflow file such as .github/workflows/main.yml:

on: [pull_request]

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: scriptsrc/trufflelintly@main
        with:
          # (Required) The GitHub API token to create reviews with
          token: ${{ secrets.GITHUB_TOKEN }}

          # Fail if "new" violations detected or "any", default "new"
          failIf: new

          # Additional arguments to pass to trufflehog
          args: ""

Now each PR created will be checked for secrets. If there are any violations then Lintly will comment on the PR using the github-actions bot user.

Note: Lintly-CFN-Nag only works with the pull_request event. If your job runs on the push event then make sure the Lintly-CFN-Nag step only runs on the pull request event by adding if: github.event_name == 'pull_request':

      - uses: scriptsrc/trufflelintly@main
        if: github.event_name == 'pull_request'