@joeleonjr
Last active November 29, 2023 14:49
Sample YAML file for integrating TruffleHog Open-Source into a Travis CI Pipeline.
```yaml
# Add TruffleHog to an Existing Travis CI Pipeline
services:
  - docker
script:
  # Pick the commit to scan from: for pull requests scan everything past the
  # base branch; for pushes scan from the oldest commit in TRAVIS_COMMIT_RANGE.
  # TRAVIS_PULL_REQUEST holds the PR number, or the string "false" for non-PR
  # builds, so the test has to be against "false" (comparing to "true" never matches).
  - |
    if [ "${TRAVIS_PULL_REQUEST}" != "false" ] ; then
      SINCE_COMMIT="main"
    else
      # TRAVIS_COMMIT_RANGE has the form <oldest>...<newest>; keep the oldest side.
      SINCE_COMMIT=$(echo "${TRAVIS_COMMIT_RANGE}" | cut -f 1 -d '.')
    fi
  # Travis runs all script items in one shell session, so SINCE_COMMIT is still set here.
  - docker run --rm -v "$(pwd)":/tmp ghcr.io/trufflesecurity/trufflehog:latest --only-verified --fail --no-update git file:///tmp/ --since-commit "${SINCE_COMMIT}" --branch HEAD --trace --debug
```
```yaml
# Add TruffleHog in a new Travis CI Pipeline
# Only run against PRs and Pushes to Main
branches:
  only:
    - main
# Install + Start Docker
services:
  - docker
# Block default git clone process
git:
  clone: false
# Setup + Run TruffleHog
script:
  # Get count of commits in PR or Push.
  # GH_TOKEN is a GitHub API token that must be provided to the job environment.
  - |
    COMMIT_COUNT=$(curl -L \
      -H "Accept: application/vnd.github+json" \
      -H "Authorization: Bearer $GH_TOKEN" \
      -H "X-GitHub-Api-Version: 2022-11-28" \
      https://api.github.com/repos/$TRAVIS_REPO_SLUG/compare/$TRAVIS_COMMIT_RANGE | jq ".total_commits")
  # Add 1 so that we have a reference to the commit immediately prior to the code changes we want to scan.
  - COMMIT_COUNT=$((COMMIT_COUNT+1))
  # Run a modified Git Clone Process based on Travis CI Built-In Method
  - BRANCH="${TRAVIS_PULL_REQUEST_BRANCH:-$TRAVIS_BRANCH}"
  - git clone --depth=$COMMIT_COUNT --branch=$BRANCH https://github.com/$TRAVIS_REPO_SLUG.git
  - cd $(echo $TRAVIS_REPO_SLUG | cut -d'/' -f2-)
  # Run TruffleHog against only the most recent changes.
  # Set --since-commit to 1 commit before the changes we want to scan (aka the oldest commit in our shallow clone).
  # In a shallow clone the boundary commit has no parents, so --max-parents=0 resolves to it.
  - docker run --rm -v "$(pwd)":/tmp ghcr.io/trufflesecurity/trufflehog:latest --only-verified --fail --no-update git file:///tmp/ --since-commit $(git rev-list --max-parents=0 HEAD)
```
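The second pipeline depends on one property of shallow clones: a clone of depth `total_commits + 1` makes `git rev-list --max-parents=0 HEAD` resolve to the commit just before the range being scanned. The POSIX shell script below is an added example, not part of the gist; it builds a throwaway repository with `git` (assumed to be installed), takes a shallow clone over `file://`, and checks that the boundary commit is the one `--since-commit` should receive.

```shell
#!/bin/sh
# Added example (not from the gist): local check of the shallow-clone trick.
# Assumes git is on PATH; all state lives in mktemp directories.

# Create a repo with N commits (subjects c1..cN) and print its path.
make_repo() {
  n=$1
  repo=$(mktemp -d)
  git -C "$repo" init --quiet
  i=1
  while [ "$i" -le "$n" ]; do
    echo "$i" > "$repo/f"
    git -C "$repo" add f
    git -C "$repo" -c user.name=ci -c user.email=ci@example.com \
      commit --quiet -m "c$i"
    i=$((i+1))
  done
  echo "$repo"
}

# Shallow-clone repo $2 at depth $1 and print the parentless boundary commit,
# exactly as the pipeline does with `git rev-list --max-parents=0 HEAD`.
# The file:// URL matters: plain local paths ignore --depth.
shallow_boundary() {
  depth=$1; src=$2
  dst=$(mktemp -d)
  git clone --quiet --depth="$depth" "file://$src" "$dst/clone" 2>/dev/null
  git -C "$dst/clone" rev-list --max-parents=0 HEAD
}

# Simulate a push/PR of $1 commits (the compare API's total_commits) on a
# 6-commit history and verify the boundary is the commit right before them,
# i.e. HEAD~$1 in the full repository. Returns 0 on success.
check_since_commit() {
  pr_commits=$1
  repo=$(make_repo 6)
  depth=$((pr_commits + 1))            # the gist's COMMIT_COUNT+1
  boundary=$(shallow_boundary "$depth" "$repo")
  expected=$(git -C "$repo" rev-parse "HEAD~$pr_commits")
  [ "$boundary" = "$expected" ]
}
```

Run `check_since_commit 3 && echo ok` to confirm the depth arithmetic before relying on it in CI.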