Detects secrets that are defined in the repository and are not used in Github Actions
Project description
detect-gh-actions-unused-secrets
Detects secrets that are defined in the repository and are not used in Github Actions.
What it does:
- Get repository secrets using Github Actions API
- Clone the repository
- Search through the Github Actions related files (
.github/workflows/*.yamland.github/workflows/*.yml) and try to find usages of each secret - Report those secrets which are not found
Prerequisites
- Github token with
reposcope (Github docs)
Installation
pip install detect-gh-actions-unused-secrets
Usage
detect-gh-actions-unused-secrets <token> <owner>/<repo1> <owner/repo2>
--generate-curls
Option to generate a text file with curls to delete all unused secrets in the repositories that were scanned.
detect-gh-actions-unused-secrets <token> <owner>/<repo1> --generate-curls
This command will produce a file called curls.sh that will contain line-by-line curl commands to delete all unused secrets in <owner>/<repo1> repository. This endpoint will be utilized.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for detect_gh_actions_unused_secrets-0.5.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 35b902de3414d17df4a0a347e3a9d1c85ac1e06cf70d35722d905fd52d6c502b |
|
| MD5 | cdc0293c5abf362c45b9d1cb20a0fc74 |
|
| BLAKE2b-256 | f3bccb169bed4db174a3ab2add4a1c4b47e1dc49b935bc806e49e18b5e5d9a07 |
Close
Hashes for detect_gh_actions_unused_secrets-0.5.0-py2.py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3bcf290e3a0cbcd8d68ed0431cad5988af85e623eb721877c8893a6d671baa6a |
|
| MD5 | 6079cd76316c41d8d0f99add82ec2e7a |
|
| BLAKE2b-256 | afe7401eafd3eef155ae9c275260ab318289455c8b3688d358c9371f6daf1027 |
