Merge pull request #2 from CGFixIT/claude/quirky-wozniak-1zohvp #2
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CG Gitleaks Secret Scan | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| schedule: | |
| - cron: '23 9 * * 5' | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| jobs: | |
| gitleaks: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| # Allow the action to annotate pull requests with any findings | |
| pull-requests: write | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| # Full history so Gitleaks can scan every commit for secrets | |
| fetch-depth: 0 | |
| - name: Run Gitleaks | |
| uses: gitleaks/gitleaks-action@v2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # GITLEAKS_LICENSE is only required for GitHub Organization accounts. | |
| # This repository lives under a personal account, so none is needed. |