use inputs to get token
All checks were successful
Gosec Check / Gosec Check (push) Successful in 26s
All checks were successful
Gosec Check / Gosec Check (push) Successful in 26s
This commit is contained in:
parent
8c76e44d10
commit
b6774dc842
GPG key ID:
E46B5FEA35B22FF9
2 changed files with 15 additions and 1 deletions
14
action.yml
14
action.yml
|
|
@ -1,5 +1,19 @@
|
|||
name: 'GoSec Scanning'
|
||||
description: 'Scan codebase with gosec'
|
||||
inputs:
|
||||
token:
|
||||
description: >
|
||||
Personal access token (PAT) used to fetch the repository. The PAT is configured
|
||||
with the local git config, which enables your scripts to run authenticated git
|
||||
commands. The post-job step removes the PAT.
|
||||
|
||||
|
||||
We recommend using a service account with the least permissions necessary.
|
||||
Also when generating a new PAT, select the least scopes necessary.
|
||||
|
||||
|
||||
[Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
|
||||
default: ${{ github.token }}
|
||||
runs:
|
||||
using: 'docker'
|
||||
image: 'docker://git.shadowhosting.xyz/actions/goscan:latest'
|
||||
|
|
@ -185,7 +185,7 @@ var rootCmd = &cobra.Command{
|
|||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
forgeClient, err := forgejo.NewClient(actionCtx.ServerURL, forgejo.SetToken(os.Getenv("GITHUB_TOKEN")))
|
||||
forgeClient, err := forgejo.NewClient(actionCtx.ServerURL, forgejo.SetToken(action.GetInput("token")))
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue