It would be exceptionally convenient if instead of notifying a comma separated list of users, we could use a GitHub Team. The syntax would be identical to that which is used in CODEOWNERS.
Proposed usage:
name: gitleaks
on:
schedule:
- cron: "0 4 * * *" # run once a day at 4 AM
jobs:
scan:
name: gitleaks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
GITLEAKS_NOTIFY_USER_LIST: @foo-org/github-security-managers
It would be exceptionally convenient if instead of notifying a comma separated list of users, we could use a GitHub Team. The syntax would be identical to that which is used in CODEOWNERS.
Proposed usage: