Confluence Secret Scan #26

	name: "Confluence Secret Scan"

	on:
	schedule:
	- cron: '0 13 * * 1'
	workflow_dispatch:

	jobs:
	secret_scanning:
	permissions: write-all
	runs-on: [ubuntu-latest]
	steps:
	- name: Scan Confluence with n0s1-action
	uses: spark1security/n0s1-action@main
	env:
	JIRA_TOKEN: ${{ secrets.JIRA_TOKEN }}
	with:
	scan-target: 'confluence_scan'
	user-email: '[email protected]'
	platform-url: 'https://spark1us.atlassian.net'
	report-format: "sarif"
	report-file: "confluence_secret_report.sarif"
	- name: Create JIRA tickets for n0s1 findings
	uses: GeorgeDavis-Ibexlabs/[email protected]
	with:
	jira_cloud_url: "https://spark1us.atlassian.net"
	jira_auth_email: "[email protected]"
	jira_project_key: "DLP"
	jira_api_token: ${{ secrets.JIRA_TOKEN }}
	jira_default_issue_labels: "n0s1,credential-leak"
	- name: Display SARIF result
	run: \|
	cat confluence_secret_report.sarif \| jq \| head -n 20
	cat confluence_secret_report.sarif \| jq \| tail -n 20
	- name: Upload scan report to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: "confluence_secret_report.sarif"

Provide feedback