Skip to content

Chore: [AEA-0000] - remove gitsecrets #145

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
anthony-nhs merged 1 commit into from
Apr 21, 2026
Merged

Chore: [AEA-0000] - remove gitsecrets #145

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 10 additions & 7 deletions .github/workflows/quality-checks-devcontainer.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,8 @@ on:
required: false
docker_images:
type: string
description: comma separated list of docker image references to scan when docker scanning is enabled.
description: comma separated list of docker image references to scan when docker
scanning is enabled.
default: ""
required: false
pinned_image:
Expand All @@ -42,7 +43,8 @@ jobs:
shell: bash
steps:
- &init_tool_versions
name: copy needed files from devcontainer user to runner home directory or bin directory
name: copy needed files from devcontainer user to runner home directory or bin
directory
run: |
cp /home/vscode/.tool-versions "$HOME/.tool-versions"
cp /home/vscode/.grant.yaml "$HOME/.grant.yaml"
Expand Down Expand Up @@ -80,8 +82,6 @@ jobs:
make install
- name: Run secrets scan
run: |
git-secrets --register-aws
git-secrets --add-provider -- cat /usr/share/secrets-scanner/nhsd-rules-deny.txt
make secret-scan
- name: Run actionlint
run: |
Expand Down Expand Up @@ -172,7 +172,8 @@ jobs:
run: echo "SONAR_TOKEN_EXISTS=true" >> "$GITHUB_ENV"

- name: Run SonarQube analysis
if: ${{ steps.check_languages.outputs.uses_java == 'true' && env.SONAR_TOKEN_EXISTS == 'true' }}
if: ${{ steps.check_languages.outputs.uses_java == 'true' &&
env.SONAR_TOKEN_EXISTS == 'true' }}
run: |
# issues with sonar scanner and sslcontext-kickstart 9.1.0, forcing re-download
rm -rf ~/.m2/repository/io/github/hakky54/sslcontext-kickstart/9.1.0
Expand All @@ -184,7 +185,8 @@ jobs:

- name: SonarCloud Scan
uses: SonarSource/sonarqube-scan-action@299e4b793aaa83bf2aba7c9c14bedbb485688ec4
if: ${{ steps.check_languages.outputs.uses_java == 'false' && env.SONAR_TOKEN_EXISTS == 'true' }}
if: ${{ steps.check_languages.outputs.uses_java == 'false' &&
env.SONAR_TOKEN_EXISTS == 'true' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
Expand Down Expand Up @@ -364,7 +366,8 @@ jobs:
fi

- name: Run cfn-lint
if: steps.check_sam_templates.outputs.sam_exists == 'true' || steps.check_cf_templates.outputs.cf_exists == 'true'
if: steps.check_sam_templates.outputs.sam_exists == 'true' ||
steps.check_cf_templates.outputs.cf_exists == 'true'
run: |
make cfn-lint

Expand Down