Skip to content

Gitleaks - Secret Scanning #366

Gitleaks - Secret Scanning

Gitleaks - Secret Scanning #366

Workflow file for this run

name: Gitleaks - Secret Scanning
on:
pull_request:
push:
workflow_dispatch:
schedule:
- cron: "3 */4 * * *" # run once a day at 4 AM
jobs:
scan:
name: gitleaks
runs-on: cldcvr-pvt-runner-aws
permissions:
id-token: write
contents: write
pull-requests: write
steps:
- name: cleanup directory
run: |
ls -la ./ /tmp/
rm -rf ./* /tmp/gitleaks.tmp /tmp/* || true
rm -rf ./.??* || true
ls -la ./
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2.3.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.
GITLEAKS_NOTIFY_USER_LIST: "@amitshcc, @cldcvr-audit, @dshelley66, @ElizabethAnthony94, @gouravjoshicldcvr, @SachinCldCvr, @sagarpatil23192, @tridev-cldcvr, @varunchandak, @sweetib"
GITLEAKS_ENABLE_COMMENTS: true
GITLEAKS_ENABLE_UPLOAD_ARTIFACT: false
GITLEAKS_ENABLE_SUMMARY: true