From bedb6911963a80ad483a7f7e30ba80364eb2cda0 Mon Sep 17 00:00:00 2001
From: Michael Long
Date: Thu, 18 Apr 2024 10:53:42 -0400
Subject: [PATCH] add trufflehog action for secrets scanning
---
.github/workflows/scan_for_secrets.yml | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 .github/workflows/scan_for_secrets.yml
diff --git a/.github/workflows/scan_for_secrets.yml b/.github/workflows/scan_for_secrets.yml
new file mode 100644
index 0000000..5e7856e
--- /dev/null
+++ b/.github/workflows/scan_for_secrets.yml
@@ -0,0 +1,25 @@
+name: Scan for Secrets
+
+# This workflow tests that the action can successfully
+# scan a GitHub repository. This workflow runs automatically
+# every 6 hours, and on pushes.
+
+on: [push]
+
+jobs:
+ daily_job:
+ runs-on: ubuntu-latest
+ environment:
+ name: plugin-development
+
+ steps:
+ - name: Checkout this repository
+ uses: actions/checkout@v4
+
+ - name: TruffleHog OSS
+ uses: trufflesecurity/trufflehog@v3.73.0
+ with:
+ extra_args: --only-verified
+
+
+
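Review bot: The checkout step takes the default shallow clone (`uses: actions/checkout@v4` with no `fetch-depth`), so on a push carrying several commits the scanner may only have the tip commit available and a secret added and then removed earlier in the same push could go unreported; adding `with:` / `fetch-depth: 0` to that step gives TruffleHog the history it needs. Both actions are referenced by mutable tags (`@v4`, `@v3.73.0`); pinning each to a full commit SHA, e.g. `uses: trufflesecurity/trufflehog@<FULL_COMMIT_SHA> # v3.73.0`, keeps a re-pointed tag from changing what runs with the repository token. The workflow declares no `permissions:`, so the job inherits the repository's default GITHUB_TOKEN scope, and a top-level `permissions:` with `contents: read` should be sufficient for a read-only scan. The header comment says the workflow runs every 6 hours, but the only trigger is `on: [push]` with no `schedule:` entry, so either add the schedule or correct the comment (the job name `daily_job` has the same mismatch). The `environment:` binding to `plugin-development` looks unnecessary since no step references a secret; that is worth confirming, because it ties that environment's secrets and protection rules to a job that runs third-party code.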