feat: Add gitleaks files #3
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Software Name: OUDS Flutter | |
| # SPDX-FileCopyrightText: Copyright (c) Orange SA | |
| # SPDX-License-Identifier: MIT | |
| # | |
| # This software is distributed under the MIT license, | |
| # the text of which is available at https://opensource.org/license/MIT/ | |
| # or see the "LICENSE" file for more details. | |
| # | |
| # Software description: Flutter library of reusable graphical components | |
| name: Gitleaks - Secret Scanning | |
| on: | |
| # Scan on every push except protected branches (already scanned via PR) | |
| push: | |
| branches-ignore: | |
| - main | |
| workflow_dispatch: | |
| # Scan on pull requests targeting main or develop | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| branches-ignore: | |
| - main | |
| permissions: | |
| contents: read | |
| # Cancel-in-progress to avoid accumulating runs for the same branch or pull request | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| scan: | |
| name: gitleaks | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| fetch-depth: 0 | |
| - uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2.3.9 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }} | |
| GITLEAKS_CONFIG: .gitleaks.toml |