aws / amazon-ecs-init

Amazon Elastic Container Service RPM
http://aws.amazon.com/ecs
Apache License 2.0

Add git secrets workflow #463

Closed Realmonia closed 2 years ago

Realmonia commented 2 years ago

Summary

Git secret is a tool that scans commits/commit messages for possible leaks of secrets into GitHub.

This pull request adds a new GitHub workflow to check code pushes and PRs. Since git secret is usually installed in the dev environment and checks commits when `git commit` is run, the way this workflow works is: 1) install git secret on the worker, 2) scan the existing code base (instead of individual commits), relying on the previous clean record to detect problems in the new code changes.

Implementation details

Testing

New tests cover the changes: N/A

Tested with a branch in my fork

Made sure it can fail when the git secrets scan fails

Description for the changelog

Add git secret scan to workflow

Licensing

This contribution is under the terms of the Apache 2.0 License: yes
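
A workflow of the kind described above, installing the scanner on the runner and then scanning the checked-out tree, as an added sketch that is not the workflow file from this pull request. The workflow and job names, the checkout action version, the install-from-source step and the use of the AWS pattern set are assumptions.

```yaml
# Added example, not the PR's own workflow file.
name: git-secrets-scan            # assumed name

on:
  push:
  pull_request:

permissions:
  contents: read                  # the scan only needs to read the repository

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the code under test
        uses: actions/checkout@v4

      # Step 1 of the PR description: install the tool on the worker.
      # Assumption: built from the awslabs/git-secrets source tree. Pin the
      # clone to a reviewed commit in real use so the scanner itself cannot
      # change underneath the pipeline.
      - name: Install git-secrets
        run: |
          git clone --depth 1 https://github.com/awslabs/git-secrets.git "$RUNNER_TEMP/git-secrets"
          sudo make -C "$RUNNER_TEMP/git-secrets" install

      # A fresh runner has no patterns configured, so register them before
      # scanning. --register-aws adds the AWS credential patterns to this
      # repository's git config.
      - name: Register AWS patterns
        run: git secrets --register-aws

      # Step 2: scan the files tracked in the checked-out tree rather than
      # individual commits. A match makes the command exit non-zero, which
      # fails the job.
      - name: Scan tracked files
        run: git secrets --scan
```

Because the scan covers the current tree only, a secret that was committed and then removed in a later commit of the same push is not reported; `git secrets --scan-history` covers that case at the cost of a full-history checkout.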