action.yml

name: Run detect-secrets with reviewdog
description: 🐶 Run detect-secrets with reviewdog on pull requests to improve code review experience.
inputs:
  github_token:
    description: GITHUB_TOKEN
    default: ${{ github.token }}
  name:
    description: Report name
    default: detect-secrets
  workdir:
    description: "The directory from which to look for and run detect-secrets. Default: '.'"
    default: "."
  filter_mode:
    description: Reviewdog filter mode [added, diff_context, file, nofilter]
    default: added
  fail_level:
    description: |
      If set to `none`, always use exit code 0 for reviewdog.
      Otherwise, exit code 1 for reviewdog if it finds at least 1 issue with severity greater than or equal to the given level.
      Possible values: [none,any,info,warning,error]
      Default is `none`.
    default: 'none'
  fail_on_error:
    description: Deprecated, use `fail_level` instead. Whether reviewdog should fail when errors are found. [true,false] - This is useful for failing CI builds.
    deprecationMessage: Deprecated, use `fail_level` instead.
    default: "false"
  level:
    description: Report level for reviewdog [info,warning,error]
    default: error
  reporter:
    description: |
      Reporter of reviewdog command [github-pr-check,github-pr-review,github-check].
      Default is github-pr-check.
      github-pr-review can use Markdown and add a link to rule page in reviewdog reports.
    default: github-pr-check
  reviewdog_flags:
    description: Additional reviewdog flags
    default: ""
  detect_secrets_flags:
    description: Flags and args of detect-secrets command. The default is '--all-files --force-use-all-plugins'.
    default: --all-files --force-use-all-plugins
  baseline_path:
    description: The baseline path to update. If not provided, a new baseline will be created.
    default: ""
  skip_audited:
    description: Whether to skip secrets that have been audited. [true,false]
    default: "false"
  verbose:
    description: Whether to print verbose output. [true,false]
    default: "false"
runs:
  using: docker
  image: Dockerfile
branding:
  icon: shield
  color: green