Merge pull request #15 from storyprotocol/fix/reusable_secrets_scanni…

…ng_workflow

[fix] properly pass secrets from caller to reusable workflow

.github/workflows/reusable-secrets-scanning.yml

@@ -10,6 +10,11 @@ on:
         required: false
         type: number
         default: 2
+    secrets:
+      SLACK_BOT_TOKEN:
+        required: true
+      SLACK_CHANNEL_ID_GITHUB_NOTIFICATION:
+        required: true
 
 jobs:
   SecurityScan:
@@ -37,14 +42,17 @@ jobs:
           channel-id: ${{ secrets.SLACK_CHANNEL_ID_GITHUB_NOTIFICATION }}
           payload: |
             {
-              "text": "${{ github.repository }}: API Integration Tests have been completed. Check the results at github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}",
+              "text": "TruffleHog scan detected secrets in ${{
+                github.repository }}. Please review the action logs.",
               "blocks": [
                 { "type": "divider" },
                 {
                   "type": "section",
                   "text": {
                     "type": "mrkdwn",
-                    "text":"${{ github.repository }}: TruffleHog scan found secrets in the repository. Check the results at github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+                    "text": "🚨 *Alert:* TruffleHog detected secrets in ${{
+                      github.repository }}. [View details](https://github.com/${{
+                      github.repository }}/actions/runs/${{ github.run_id }})"
                   }
                 }
               ]

.github/workflows/secrets-scanning.yml

@@ -15,3 +15,4 @@ jobs:
       branch: ${{ github.ref_name }}
     secrets:
       SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
+      SLACK_CHANNEL_ID_GITHUB_NOTIFICATION: ${{ secrets.SLACK_CHANNEL_ID_GITHUB_NOTIFICATION }}