username/s5p
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add gitleaks secret scanning to CI pipeline
Some checks failed
ci / secrets (push) Failing after 9s
Details
ci / test (push) Successful in 19s
Details
ci / build (push) Has been skipped
Details

Browse Source 
Runs gitleaks detect with full history before the build job.
Both test and secrets jobs must pass to gate image push.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
user
2026-02-21 17:34:38 +01:00
parent 8a909cd79d
commit 64f3fedb9f
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.gitea/workflows/ci.yaml
View File

@@ -16,8 +16,19 @@ jobs:
- run: ruff check src/ tests/
- run: PYTHONPATH=src pytest tests/ -v
secrets:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- run: |
curl -sSfL https://github.com/gitleaks/gitleaks/releases/latest/download/gitleaks_8.24.0_linux_x64.tar.gz \
| tar xz -C /usr/local/bin gitleaks
- run: gitleaks detect --source . -v
build:
needs: test
needs: [test, secrets]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4