From 5e8364adcdf99c8f16162a88a5f4353ac4bbcbb7 Mon Sep 17 00:00:00 2001
From: Jonsy13
Date: Fri, 17 May 2024 17:34:14 +0530
Subject: [PATCH 1/2] Added gitleaks

Signed-off-by: Jonsy13
---
 .github/workflows/build.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 7a75bf9..02da131 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -34,6 +34,18 @@ jobs:
 run: |
 make unused-package-check
 
+ gitleaks-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+ - name: Run GitLeaks
+ run: |
+ wget https://github.com/gitleaks/gitleaks/releases/download/v8.18.2/gitleaks_8.18.2_linux_x64.tar.gz && \
+ tar -zxvf gitleaks_8.18.2_linux_x64.tar.gz && \
+ sudo mv gitleaks /usr/local/bin && gitleaks detect --source . -v
+
 security:
 runs-on: ubuntu-latest
 steps:

From ae9167b4291acf1b291e04ba07186ef8d599ee10 Mon Sep 17 00:00:00 2001
From: Jonsy13
Date: Fri, 17 May 2024 17:41:11 +0530
Subject: [PATCH 2/2] Added gitleaks

Signed-off-by: Jonsy13
---
 .github/workflows/build.yml | 11 -----------
 1 file changed, 11 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 6902b73..3463d07 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -46,17 +46,6 @@ jobs:
 tar -zxvf gitleaks_8.18.2_linux_x64.tar.gz && \
 sudo mv gitleaks /usr/local/bin && gitleaks detect --source . -v
 
- security:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@master
- name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@master
- env:
- SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
- with:
- args: --severity-threshold=high
-
 trivy:
 needs: pre-checks
 runs-on: ubuntu-latest
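Review bot: The `Run GitLeaks` step of the new `gitleaks-scan` job (PATCH 1/2) fetches a release tarball with `wget` and installs the binary with `sudo mv` without verifying it, so the job runs whatever that URL serves at build time. Pin the expected digest in the workflow and check it before extracting, for example `echo "<EXPECTED_SHA256>  gitleaks_8.18.2_linux_x64.tar.gz" | sha256sum -c -` (the digest is a placeholder to be filled from the release's published checksums). In the same step, `gitleaks detect --source . -v` prints each finding, including the matched secret, to the job log, and that log is readable by anyone who can view the workflow run; `gitleaks detect --source . -v --redact` keeps the file and commit details while masking the value. Separately, `actions/checkout@v3` is a mutable tag, and pinning it to a full commit SHA would give the scanner job the same integrity guarantee it is meant to enforce.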