ci: graceful-skip ggshield + codecov when their secrets aren't set #36
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: GitGuardian Scan | ||
|
Check failure on line 1 in .github/workflows/ggshield.yaml
|
||
| on: | ||
| push: | ||
| pull_request: | ||
| jobs: | ||
| scanning: | ||
| name: GitGuardian Scan | ||
| runs-on: ubuntu-latest | ||
| # Skip when: | ||
| # - Dependabot PR (no secret access, only updates dependencies) | ||
| # - GITGUARDIAN_API_KEY not configured (graceful skip for newly-init'd repos | ||
| # before the secret is set; Dependabot also lands here because it has no | ||
| # secret access, but the explicit actor check above is kept for clarity) | ||
| if: github.actor != 'dependabot[bot]' && secrets.GITGUARDIAN_API_KEY != '' | ||
| steps: | ||
| - uses: actions/checkout@v6 | ||
| with: | ||
| fetch-depth: 0 | ||
| - uses: GitGuardian/ggshield-action@v1 | ||
| env: | ||
| GITGUARDIAN_API_KEY: ${{ secrets.GITGUARDIAN_API_KEY }} | ||
