GitHub action incorrect behavior #677

Closed
GG-HH opened this issue Aug 9, 2023 · 1 comment
Labels
status:new (This issue needs to be reviewed), type:bug (Something isn't working)

Comments

@GG-HH
Collaborator

GG-HH commented Aug 9, 2023

Environment

  • ggshield version: 1.17.3
  • in GitHub action

Describe the bug

GitHub action for secret scanning only scans the last commit when pushing multiple commits to a branch.

Steps to reproduce:

  1. Create a repo with the GitHub action defined as stated in the documentation
  2. Locally create a branch with at least two commits, the first one containing example secrets.
  3. Push the commits

Actual result:

  1. The action is run
  2. The action scans the last commit (and displays that it has one commit to scan)
  3. The action does not fail because the last commit doesn't contain any secrets

Expected result:

  • the action should scan all the newly pushed commits
  • the action should fail because one of the commits contains secrets

An example can be found in one of my repos

Potential solution

I suspect that we use incorrect variables in the template. We should rely directly on the environment variables given here and eventually adapt our code. This should simplify the template for the GH action as well.

Other related considerations

CI commands for both SCA and IaC may be impacted by this problem and will require attention.

@GG-HH GG-HH added the type:bug and status:new labels Aug 9, 2023
@GG-HH
Collaborator Author

GG-HH commented Aug 11, 2023

Fixed with #679

@GG-HH GG-HH closed this as completed Aug 11, 2023
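
Added example (not from the issue, not ggshield's code, and not the change made in #679): a shell function that lists every commit a push introduced, which is the set the report expects the action to scan. It assumes the `before` and `after` SHAs of GitHub's push event payload are passed in and that the checkout has full history; the function name `pushed_commits` and its `BASE` argument are hypothetical.

```shell
#!/bin/sh
# Added example, not ggshield's code. pushed_commits and its BASE argument are
# hypothetical; BEFORE and AFTER are the `before` and `after` SHAs from
# GitHub's push event payload. Needs full history in the checkout: with a
# depth-1 clone only the tip commit exists locally.

ZERO_SHA=0000000000000000000000000000000000000000

# pushed_commits BEFORE AFTER BASE
# Prints one SHA per line, newest first, for every commit the push introduced.
pushed_commits() {
    pc_before=$1
    pc_after=$2
    pc_base=$3

    if [ "$pc_before" = "$ZERO_SHA" ] ||
        ! git cat-file -e "${pc_before}^{commit}" 2>/dev/null; then
        # New branch (all-zero `before`) or a previous tip that is not in
        # the local object store (for example after a force-push): fall back
        # to everything reachable from AFTER but not from BASE.
        git rev-list "${pc_base}..${pc_after}"
    else
        # Normal push: every commit after the old tip, up to the new tip.
        git rev-list "${pc_before}..${pc_after}"
    fi
}

# Stand-alone use: sh pushed_commits.sh BEFORE AFTER BASE
if [ "$#" -eq 3 ]; then
    commits=$(pushed_commits "$1" "$2" "$3") || exit 2
    count=$(printf '%s\n' "$commits" | grep -c .)
    echo "commits to scan: $count" >&2
    printf '%s\n' "$commits"
fi
```

With the two-commit push from the reproduction steps, the output contains both SHAs, so a scanner run over that list sees the first commit as well as the tip.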