39 lines
1.0 KiB
YAML
39 lines
1.0 KiB
YAML
---
|
|
name: GitLeaks check
|
|
|
|
on: # yamllint disable-line rule:truthy
|
|
pull_request:
|
|
types: [opened, edited, reopened, synchronize]
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
build:
|
|
name: GitLeaks check
|
|
runs-on: ubuntu-22.04
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
packages: read
|
|
statuses: write
|
|
steps:
|
|
- name: GitLeaks installation
|
|
working-directory: /bin
|
|
run: |
|
|
set -e
|
|
|
|
VERSION="v8.22.0"
|
|
CHECKSUM="3f95fef7e361adafed2b1bb9c591ba3bc6b595b4f296b346257301b7bf04be15 gitleaks.tar.gz"
|
|
|
|
wget -O "gitleaks.tar.gz" "https://github.com/gitleaks/gitleaks/releases/download/$VERSION/gitleaks_8.22.0_linux_arm64.tar.gz"
|
|
echo "$CHECKSUM" | sha256sum --check
|
|
|
|
tar xzf gitleaks.tar.gz
|
|
chmod +x gitleaks
|
|
- name: code checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
|
with:
|
|
fetch-depth: 0
|
|
- name: GitLeaks check
|
|
run: gitleaks git && gitleaks dir
|