Add action documentation (#439)

Author: bill-rich

README.md

@@ -147,6 +147,41 @@ Try scanning an entire GitHub organization with the following:
 docker run -it -v "$PWD:/pwd" trufflesecurity/trufflehog:latest github --org=trufflesecurity
 ```
 
+### TruffleHog OSS Github Action
+
+```- name: TruffleHog OSS
+  uses: trufflesecurity/[email protected]
+  with:
+    # Repository path
+    path: 
+    # Start scanning from here (usually main branch).
+    base: 
+    # Scan commits until here (usually dev branch).
+    head: # optional
+```
+
+The TruffleHog OSS Github Action can be used to scan a range of commits for leaked credentials. The action will fail if
+any results are found.
+
+For example, to scan the contents of pull requests you could use the following workflow:
+```yaml
+name: Leaked Secrets Scan
+on: [pull_request]
+jobs:
+  TruffleHog:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: TruffleHog OSS
+        uses: trufflesecurity/[email protected]
+        with:
+          path: ./
+          base: ${{ github.event.repository.default_branch }}
+          head: HEAD
+```
 
 ## Contributors