From 22dbb561c3ea46ca5a81c8e12531a6238d17e2a8 Mon Sep 17 00:00:00 2001
From: Tarek Hamaoui <tarek.hamaoui@digitalservice.bund.de>
Date: Wed, 14 Aug 2024 10:44:38 +0200
Subject: [PATCH] Add pipeline with Talisman secrets check on push

RISDEV-4541
---
 .github/workflows/pipeline.yml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 .github/workflows/pipeline.yml

diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
new file mode 100644
index 0000000..3212902
--- /dev/null
+++ b/.github/workflows/pipeline.yml
@@ -0,0 +1,19 @@
+name: Pipeline
+
+on:
+  # Run on any branch receiving a push
+  push:
+  # Allow manual trigger of the workflow
+  workflow_dispatch:
+
+jobs:
+  # Talisman Secrets Check
+  talisman-check:
+    runs-on: ubuntu-latest
+    if: ${{ github.ref == 'refs/heads/main' }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Detect secrets in incoming commits with Talisman
+        uses: digitalservicebund/talisman-secrets-scan-action@9a4cb85589e29a62b4546eb566119753a5680aeb
\ No newline at end of file