From dfb2da5e1c13d55644106c56ab28c41a22fb141f Mon Sep 17 00:00:00 2001
From: Frederic Mercier
Date: Mon, 26 Aug 2024 18:40:43 +0200
Subject: [PATCH] new test
---
 .github/workflows/detect-secrets.yml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/detect-secrets.yml b/.github/workflows/detect-secrets.yml
index 58abfab..50d2127 100644
--- a/.github/workflows/detect-secrets.yml
+++ b/.github/workflows/detect-secrets.yml
@@ -38,13 +38,14 @@ jobs:
 # troubleshooting
 - name: all in one
 run: |
- docker run -a stdout \
+ docker run --pull=always -a stdout \
 -v ${{github.workspace}}:/code \
- --entrypoint /bin/bash \
+ --entrypoint /bin/sh \
 icr.io/git-defenders/detect-secrets:0.13.1.ibm.61.dss-redhat-ubi \
- -c "pwd; ls -al; detect-secrets --version; detect-secrets --help; detect-secrets scan --help; detect-secrets -v scan --all-files --update .secrets.baseline 2>&1; echo scan over; ls -al; echo the end"
- #-c "pwd; ls -al; detect-secrets -v scan /code --update /code/.secrets.baseline; sleep 10; ls -al; detect-secrets audit --display-results /code/.secrets.baseline"
-
+ -c "detect-secrets --version;
+ detect-secrets scan --all-files --update .secrets.baseline;
+ detect-secrets audit --display-results .secrets.baseline;
+ detect-secrets audit --report --fail-on-unaudited --fail-on-live --fail-on-audited-real .secrets.baseline"
 # fail if a potential secret was found
 # -v ${{ github.workspace }}:/code \
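Review bot: The commands in the new `-c "..."` string are chained with `;`, so the step's result is the exit status of the final `detect-secrets audit --report ...` alone. If `detect-secrets scan --all-files --update .secrets.baseline` fails, the report runs against the baseline as committed and the gate can still pass. One way that could happen, assuming the image's working directory is not the `/code` mount, is the relative `.secrets.baseline` path not resolving. Begin the string with `set -e;` or join the commands with `&&` so that a failed scan fails the job. Separately, `docker run -a stdout` attaches only stdout and this change drops the earlier `2>&1`, so scanner errors will not reach the job log unless `-a stderr` is added. With `--pull=always` on a tag, pinning the image as `...@sha256:<digest>` (placeholder) would keep the scanner this gate runs fixed and reviewable; the step list and job definition begin outside this hunk.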