search

gitleaks / gitleaks-action

Protect your secrets using Gitleaks-Action
https://gitleaks.io
Other
319 stars 122 forks source link

Not possible to apply GITLEAKS_NOTIFY_USER_LIST #132

Open pylapp opened 7 months ago

pylapp commented 7 months ago

Using the following gitleaks-actions.yaml bellow located in the .github/workflows folder, the GitHub actions on push fails with the error:

You have an error in your yaml syntax on line 15
name: gitleaks
on: [pull_request, push, workflow_dispatch]
jobs:
  scan:
    name: gitleaks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          fetch-depth: 0
      - uses: gitleaks/gitleaks-action@v2
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
          GITLEAKS_NOTIFY_USER_LIST: @foo @bar @wizz

where the line 15 is the line with GITLEAKS_NOTIFY_USER_LIST env variable and foo, bar and wizz are three users added in the GitHub repository where the GitHub Actions is applied (handles have been anonymized)

__However it seems the syntax of GITLEAKS_NOTIFY_USER_LIST is correct, how to fix this issue?__

aman-nankani-inno commented 7 months ago

Hello, did you get it to run? Even I am having the same error and the emails are not being sent out to the users mentioned in the list.

tim-chaffin commented 6 months ago

Did you try commas instead of spaces? e.g. GITLEAKS_NOTIFY_USER_LIST:@foo,@bar,@wizz

pylapp commented 5 months ago

I should try it soon.

BONDSK01 commented 3 months ago

Anyone find a solution to this. I can't seem to get the GITLEAKS_NOTIFY_USER_LIST functionality to work either.

BONDSK01 commented 2 months ago

I found a solution to this this. It isn't super clear but you need to create a single string like.

GITLEAKS_NOTIFY_USER_LIST: '@foo, @bar, @wizz'

tim-chaffin commented 2 months ago

Nice find 😎