Closed
Description
There have been a few changes in the past few months that break CI workflows (either changes to the GHA or changes to the trufflehog published image). Currently, we have the ability to pin the version of the GHA via branch refs or tags, but there is no ability to pin the version of the container image being used to execute secrets scanning via GHA. If there is an issue that arises from the latest built container image, there is no recourse for callers of this GHA to fall back to a known-safe version.
Preferred Solution
There should be an input to the GHA that allows the caller to specify the version of the trufflehog container to use. The default value should be latest.
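The two kinds of reference this issue distinguishes (the action ref and the container image) can be audited in workflow files. The following is an added example, not code from the issue or from the trufflehog project; it goes beyond the single action discussed and classifies every `uses:` reference by how firmly it is pinned. The `example-org` names, the commit SHA and the digest are constructed sample values.

```python
import re

USES = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
SHA40 = re.compile(r"[0-9a-f]{40}")
DIGEST = re.compile(r"@sha256:[0-9a-f]{64}$")

def classify(ref):
    """Return how firmly one `uses:` reference is pinned."""
    if ref.startswith("./"):
        return "local"                      # action stored in the same repo
    if ref.startswith("docker://"):
        image = ref[len("docker://"):]
        if DIGEST.search(image):
            return "pinned-digest"          # content-addressed, cannot move
        # Look at the last path component only, so a registry port
        # (host:5000/name) is not mistaken for a tag.
        name = image.rsplit("/", 1)[-1]
        tag = name.split(":", 1)[1] if ":" in name else "latest"
        return "floating-latest" if tag == "latest" else "mutable-tag"
    _, _, git_ref = ref.partition("@")
    # Branches and tags can be re-pointed; only a full commit SHA is fixed.
    return "pinned-sha" if SHA40.fullmatch(git_ref) else "mutable-ref"

def audit(workflow_text):
    """Return (line_number, reference, verdict) for each `uses:` line."""
    findings = []
    for n, line in enumerate(workflow_text.splitlines(), 1):
        m = USES.match(line)
        if m:
            findings.append((n, m.group(1), classify(m.group(1))))
    return findings

# Constructed sample workflow, not taken from the issue.
SAMPLE_WORKFLOW = "\n".join([
    "jobs:",
    "  scan:",
    "    runs-on: ubuntu-latest",
    "    steps:",
    "      - uses: actions/checkout@v4",
    "      - uses: example-org/secret-scan-action@main",
    "      - uses: example-org/secret-scan-action@0123456789abcdef0123456789abcdef01234567",
    "      - uses: docker://ghcr.io/example-org/scanner:latest",
    "      - uses: docker://ghcr.io/example-org/scanner",
    "      - uses: docker://ghcr.io/example-org/scanner:3.1.0",
    "      - uses: docker://ghcr.io/example-org/scanner@sha256:" + "ab" * 32,
])

if __name__ == "__main__":
    for line_no, ref, verdict in audit(SAMPLE_WORKFLOW):
        print(f"{line_no:>3}  {verdict:<16} {ref}")
```

An image that an action pulls internally never appears in the caller's workflow, so this check only sees references the caller can set.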