gitleaks-action icon indicating copy to clipboard operation
gitleaks-action copied to clipboard
verified publisher icon gitleaks

Enhancement | GITLEAKS_NOTIFY_USER_LIST to use GitHub Teams

Open tim-chaffin opened this issue 1 year ago • 0 comments

It would be exceptionally convenient if instead of notifying a comma separated list of users, we could use a GitHub Team. The syntax would be identical to that which is used in CODEOWNERS.

Proposed usage:

name: gitleaks
on:
  schedule:
    - cron: "0 4 * * *" # run once a day at 4 AM
jobs:
  scan:
    name: gitleaks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - uses: gitleaks/gitleaks-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
          GITLEAKS_NOTIFY_USER_LIST: @foo-org/github-security-managers

tim-chaffin avatar Mar 12 '24 20:03 tim-chaffin