name: git-secrets
# Controls when the workflow will run
# Triggers the workflow on push or pull request events but only for the main branch
on: [push]
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "main"
  git-secrets:
    # The type of runner that the job will run on
    runs-on: ubuntu-22.04
    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      - name: Check Out Source Code
        uses: actions/checkout@v3
      - name: Set up Python 3.8
        uses: actions/setup-python@v4
        with:
          python-version: 3.8
      - name: Installing dependencies
        run:
          sudo apt-get install less openssh-server
      - name: Installing scanning tool
        run: |
          eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
          ln -s "$(which echo)" /usr/local/bin/say
          brew install git-secrets
          git secrets --install
          git secrets --register-aws
      - name: Running scanning tool
        run:
          eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
          git secrets --scan