GitHub Infisical secrets check Action

🚨 A GitHub action to check and report secret leaks in the repository using Infisical CLI.

Usage

The following workflow step will scan for secret leaks in your repository.

  - name: Run the action
    uses: guibranco/github-infisical-secrets-check-action@latest
    id: secrets-scan

Inputs

gh_token: The GitHub token to add the comment in the PR using the mshick/add-pr-comment@v2 GitHub Action.

Outputs

secrets-leaked: The number of secrets leaked found by the Infisical CLI tool.

Example

With default (inherited) GitHub token

name: 'Infisical secrets check'

on:
  pull_request:

  jobs:
    check-secrets:
      runs-on: ubuntu-latest
      permissions:
        contents: read
        pull-requests: write

      steps:
        - uses: actions/checkout@v4
          
        - name: Run the action
          uses: guibranco/github-infisical-secrets-check-action@latest

With a custom GitHub token

name: 'Infisical secrets check'

on:
  pull_request:

  jobs:
    check-secrets:
      runs-on: ubuntu-latest
      permissions:
        contents: read
        pull-requests: write

      steps:
        - uses: actions/checkout@v4
          
        - name: Run the action
          uses: guibranco/github-infisical-secrets-check-action@latest
          with:
            gh_token: ${{ secrets.GH_TOKEN }}

Remember to add the repository secret GH_TOKEN.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

GitHub Infisical secrets check Action

Usage

Inputs

Outputs

Example

With default (inherited) GitHub token

With a custom GitHub token

Sample output

Success - ✅ No secrets leaked

Failure - 🚨 Secrets leaked!

Files

README.md

Latest commit

History

README.md

File metadata and controls

GitHub Infisical secrets check Action

Usage

Inputs

Outputs

Example

With default (inherited) GitHub token

With a custom GitHub token

Sample output

Success - ✅ No secrets leaked

Failure - 🚨 Secrets leaked!