we have a dummy url for now that won't time out #139
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Last applied at: Wed, 12 Feb 2025 01:45:55 GMT | |
| # DevOps Shield - The ultimate DevSecOps platform designed to secure your DevOps. | |
| # https://devopsshield.com | |
| ############################################################## | |
| # This is a DevOps Shield - Application Security - Code Security Template. | |
| # This workflow template uses actions that are not certified by DevOps Shield. | |
| # They are provided by a third-party and are governed by separate terms of service, privacy policy, and support documentation. | |
| # Use this workflow template for integrating code security into your pipelines and workflows. | |
| # DevOps Shield Workflow Template Details: | |
| # ------------------------------------------------------------ | |
| # Code: GH_SS_GITLEAKS | |
| # Name: Gitleaks Secret Scanning | |
| # DevSecOpsControls: SS | |
| # Provider: Gitleaks | |
| # Categories: Code Scanning, Secrets | |
| # Description: | |
| # Gitleaks is a tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. | |
| # Gitleaks is an easy-to-use, all-in-one solution for detecting secrets, past or present, in your code. | |
| # Enable Gitleaks-Action in your GitHub workflows to be alerted when secrets are leaked as soon as they happen. | |
| # A gitleaks-action license can be obtained at gitleaks.io. | |
| # Read the official documentation to find out more. | |
| # For more information: | |
| # https://gitleaks.io/ | |
| # https://github.com/gitleaks | |
| # https://blog.gitleaks.io/ | |
| # ------------------------------------------------------------ | |
| # Source repository: https://github.com/gitleaks/gitleaks-action | |
| ############################################################## | |
| name: Gitleaks Secret Scanning | |
| on: | |
| push: | |
| pull_request: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: 0 0 * * * | |
| jobs: | |
| gitleaks: | |
| name: Gitleaks Secret Scanning | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| security-events: write | |
| pull-requests: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Run Gitleaks | |
| uses: gitleaks/gitleaks-action@v2 | |
| id: gitleaks | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} # Only required for Organizations, not personal accounts. |