CHEF-31159 Setup common config to block PR merges if trufflehog fails by nikhil2611 · Pull Request #548 · chef/knife-windows

nikhil2611 · 2026-05-19T08:29:36Z

Description

This PR updates the CI workflow configuration to block PR merges when Trufflehog detects secrets.

Added fail-trufflehog-on-secrets-found: true to fail builds when secrets are detected.

Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would cause existing functionality to change)
Chore (non-breaking change that does not add functionality or fix an issue)

I have read the CONTRIBUTING document.
I have run the pre-merge tests locally and they pass.
I have updated the documentation accordingly.
I have added tests to cover my changes.
If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
All new and existing tests passed.
All commits have been signed-off for the Developer Certificate of Origin.

Signed-off-by: nikhil2611 <ngupta@progress.com>

CHEF-31159: Setup common config to block PR merges if trufflehog fails

933ad7d

Signed-off-by: nikhil2611 <ngupta@progress.com>

nikhil2611 requested review from a team and jaymzh as code owners May 19, 2026 08:29

nikhil2611 added Expeditor: Skip All Used to skip all merge_actions. ai-assisted labels May 19, 2026

ashiqueps approved these changes May 20, 2026

View reviewed changes

nikhil2611 merged commit a6ba739 into main May 20, 2026
39 checks passed