---
name: Secrets Scan
# Disabled — requires GITLEAKS_LICENSE secret.
# To enable, uncomment the push/pull_request triggers and configure the secret.
"on":
# push:
# pull_request:
workflow_dispatch:
permissions:
contents: read
jobs:
gitleaks:
name: Scan for Secrets
runs-on: ubuntu-latest
steps:
- name: Checkout repository
# v6.0.2
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0
- name: Run Gitleaks
# master
uses: gitleaks/gitleaks-action@bf2dc8e55639c1e091e9b45970152e4313705814
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}