What is the feature
This feature adds GitLeaks as a GitHub Action to the repository.
Why we need the feature
GitLeaks is a tool that helps in detecting and preventing secrets from being committed to the repository. By integrating GitLeaks as a GitHub Action, we can automatically scan for sensitive information in our codebase, enhancing the security of our project.
How to implement and why
1. Create a GitHub Action Workflow File:
   - Add a new workflow file in the .github/workflows directory, e.g., gitleaks.yml.
   - This file will define the GitLeaks action to run on specific events like push and pull_request.
2. Define the Workflow:
   - Specify the name of the workflow.
   - Set the on triggers to push and pull_request to ensure the action runs on these events.
   - Use the jobs section to define the job that will run GitLeaks.
   - Use the actions/setup-go@v2 action to set up the Go environment, as GitLeaks is a Go-based tool.
   - Use the zricethezav/gitleaks-action@v1.3.0 action to run GitLeaks.
3. Configure GitLeaks:
   - Optionally, add a configuration file for GitLeaks if custom rules or exclusions are needed.
4. Test the Workflow:
   - Push the changes to a branch and create a pull request to ensure the GitHub Action runs as expected.
Example gitleaks.yml:
name: GitLeaks
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
jobs:
  gitleaks:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Set up Go
        uses: actions/setup-go@v2
        with:
          go-version: '1.16'
      - name: Run GitLeaks
        uses: zricethezav/gitleaks-action@v1.3.0
        with:
          args: "--path=."
By following these steps, we ensure that our repository is continuously monitored for any accidental commits of sensitive information, thereby improving our security posture.
Original issue: #2
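For the optional "Configure GitLeaks" step, a configuration file with one custom rule and narrow exclusions could look like the following. This is an added example, not part of the original description or the project's own configuration; it assumes the gitleaks v8 configuration schema (the version bundled with the action may use a different one), and the rule id, token format and paths are constructed for illustration. How the file is passed to the action depends on the action version and is not shown on this page.

```toml
# Added example: custom rule plus exclusions for GitLeaks.
# Assumes the gitleaks v8 configuration schema; every rule id, pattern and
# path below is constructed for illustration.
title = "Repository GitLeaks configuration (example)"

# Keep the built-in rule set and add to it rather than replacing it.
[extend]
useDefault = true

# Custom rule: a hypothetical internal token format, "acme_" + 32 hex chars.
[[rules]]
id = "acme-internal-token"
description = "Hypothetical internal service token"
regex = '''acme_[0-9a-f]{32}'''
# Keywords act as a cheap pre-filter before the regex is evaluated.
keywords = ["acme_"]

# Global exclusions. Keep them narrow so real findings are not hidden.
[allowlist]
description = "Test fixtures and documented placeholder values"
# Paths are regular expressions matched against the file path.
paths = [
  '''^tests/fixtures/''',
]
# Regexes are matched against the detected secret; this one allows only
# the all-zero placeholder token used in documentation.
regexes = [
  '''acme_0{32}''',
]
```

Review each allowlist entry like code: a broad path or regex silently suppresses real findings in every later scan.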