Update secret-scan.yml (#148)

getsentry · Nov 7, 2024 · f2a9fd9 · f2a9fd9
1 parent f0fdb2d
commit f2a9fd9
Showing 1 changed file with 5 additions and 3 deletions.
diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml
@@ -64,9 +64,11 @@ jobs:
       - name: Send Alert to Panther
         id: alert
         run: |
-          curl "${{vars.SECRET_SCAN_PANTHER_WEBHOOK_URL}}" \
-            --header "Authorization: Bearer ${{ secrets.SECRET_SCAN_PANTHER_WEBHOOK_HEADER }}" \
-            --data '{"event":"github_secret_scanning", "status":"${{steps.scan.outcome}}", "createdAt":"${{ github.event.pull_request.created_at }}", "repo":"${{ github.repository }}","pull_request":"https://github.com/${{ github.repository }}/pull/${{ github.event.pull_request.number }}","actor":"${{ github.event.pull_request.user.login }}"}'
+          if [[ -n "${{vars.SECRET_SCAN_PANTHER_WEBHOOK_URL}}" ]]; then
+            curl "${{vars.SECRET_SCAN_PANTHER_WEBHOOK_URL}}" \
+              --header "Authorization: Bearer ${{ secrets.SECRET_SCAN_PANTHER_WEBHOOK_HEADER }}" \
+              --data '{"event":"github_secret_scanning", "status":"${{steps.scan.outcome}}", "createdAt":"${{ github.event.pull_request.created_at }}", "repo":"${{ github.repository }}","pull_request":"https://github.com/${{ github.repository }}/pull/${{ github.event.pull_request.number }}","actor":"${{ github.event.pull_request.user.login }}"}'
+          fi
       - name: Fail workflow if secret detected
         if: steps.scan.outcome != 'success'
         run: exit 1