
GitHub Action

Run GitLeaks

v1.0.0


Installs and runs GitLeaks in your actions workflow

Installation

Copy and paste the following snippet into your .yml file.

- name: Run GitLeaks
  uses: gacts/gitleaks@v1.0.0

Learn more about this action in gacts/gitleaks


Run GitLeaks action


This action provides a simple way to run GitLeaks in your CI/CD pipeline. It can be run on Linux (ubuntu-latest), macOS (macos-latest), or Windows (windows-latest).

In addition, it supports GitLeaks v8.x (and v7.x), and uses the GitHub caching mechanism to speed up your workflow execution time!

Usage

jobs:
  gitleaks:
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/checkout@v3
        with: {fetch-depth: 0}

      - uses: gacts/gitleaks@v1
        id: gitleaks
        #with:
        #  version: latest
        #  config-path: .github/.gitleaks.toml
        #  path: any/directory/path

      #- if: ${{ always() }} # disabling reason - https://github.com/zricethezav/gitleaks/issues/782
      #  uses: github/codeql-action/upload-sarif@v2
      #  with:
      #    sarif_file: ${{ steps.gitleaks.outputs.sarif }}

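Note: You must run actions/checkout with fetch-depth: 0 before the gacts/gitleaks step! With fetch-depth: 0 the checkout fetches the full commit history instead of only the latest commit, so the scan has the repository's history available.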

Customizing

Inputs

The following inputs can be used as step.with keys:

| Name | Type | Default | Required | Description |
|---|---|---|---|---|
| version | string | latest | yes | GitLeaks version (latest or in 1.2.3 format) |
| config-path | string | built-in | no | Path to the config file |
| path | string | current working directory | no | Path to source |
| run | boolean | true | no | Set it to true to run GitLeaks, or false if you don't want it to run |
| fail-on-error | boolean | true | no | Set to false to exit without an error when the GitLeaks run fails |
| github-token | string | ${{ github.token }} | no | GitHub auth token |

Outputs

In subsequent steps you will be able to use the following variables:

| Description | How to use in your workflow | Example |
|---|---|---|
| Path to the GitLeaks binary file | ${{ steps.gitleaks.outputs.gitleaks-bin }} | /tmp/gitleaks-8.7.1/gitleaks |
| Path to the report in SARIF format | ${{ steps.gitleaks.outputs.sarif }} | /tmp/gitleaks.sarif |
| GitLeaks exit code (will be set only if inputs.run is true) | ${{ steps.gitleaks.outputs.exit-code }} | 1 |
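
An added example (not part of the action or its README): a Python script that a later workflow step could run on the file at steps.gitleaks.outputs.sarif to turn each finding into a workflow error annotation without echoing the matched secret. It assumes the report uses the standard SARIF 2.1.0 fields (runs, results, ruleId, locations); the script name, rule ids and sample report are constructed.

```python
import json
import sys

# Constructed sample in SARIF 2.1.0 shape (not real GitLeaks output).
SAMPLE_SARIF = {"version": "2.1.0", "runs": [{"results": [
    {"ruleId": "example-rule-a",
     "message": {"text": "constructed text, ignored below"},
     "locations": [{"physicalLocation": {
         "artifactLocation": {"uri": "deploy/env,prod.sh"},
         "region": {"startLine": 12}}}]},
    {"ruleId": "example-rule-b", "locations": []},  # result without a location
]}]}


def findings(sarif):
    """Return (rule, file, line) per result; message and snippet are never read."""
    out = []
    for run in sarif.get("runs") or []:
        for res in run.get("results") or []:
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            out.append((res.get("ruleId", "unknown-rule"),
                        loc.get("artifactLocation", {}).get("uri", ""),
                        loc.get("region", {}).get("startLine", 1)))
    return out


def esc_prop(value):
    """Escape a value for use as a workflow-command property."""
    value = str(value)
    for raw, enc in (("%", "%25"), ("\r", "%0D"), ("\n", "%0A"),
                     (":", "%3A"), (",", "%2C")):
        value = value.replace(raw, enc)
    return value


def annotations(sarif):
    """Build one ::error workflow command per finding."""
    cmds = []
    for rule, uri, line in findings(sarif):
        props = ["title=" + esc_prop("GitLeaks " + rule)]
        if uri:
            props += ["file=" + esc_prop(uri), "line=" + esc_prop(line)]
        cmds.append("::error " + ",".join(props) + "::Possible secret; value not printed")
    return cmds


if __name__ == "__main__":
    # Hypothetical usage: python sarif_annotate.py /tmp/gitleaks.sarif
    with open(sys.argv[1], encoding="utf-8") as fh:
        lines = annotations(json.load(fh))
    print("\n".join(lines))
    sys.exit(1 if lines else 0)
```

For the script to run after findings, the step needs either fail-on-error set to false on the gitleaks step or an if: ${{ always() }} condition.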

Alternative projects

Releasing

Scenario for releasing a new version:

  • Make required changes in the changelog file
  • Build the action distribution (make build or yarn build)
  • Commit and push changes (including dist directory changes - this is important) into the master branch
  • Publish new release using repo releases page (git tag should follow vX.Y.Z format)

Major and minor git tags (v1 and v1.2 if you publish v1.2.Z release) will be updated automatically.

Support


If you find any errors in the action, please open an issue in the current repository.

License

This is open-sourced software licensed under the MIT License.